Cyber security is a major concern in this tech era where people are too overwhelmed with technology to the extent that they tend to feel safer in the face of technology. Emerging technologies like Artificial Intelligence (AI), Blockchain, and Quantum Computing have facilitated the millennials with the luxury of automating their work, at the same time these technologies have accounted for the emergence of Cybercrimes. DDos attacks, Business Email Compromises which are also termed as phishing attacks, Ransomware attacks are abundant as forms of raiding money and data from Cyber users. It is noticeable that at present, these attacks are fully automated with the help of latest technologies.
Cyber security is a constantly fluctuating field as new threats emerge and knowledge-wise, there is always space for learning and that learning never ends. There are challenges globally as well as locally when it comes to the Cyber Security professional’s gap. Another major highlight is the lack of focus or constant vigilance on Cyber security and lack of proper training related to the subject.
Following is an excerpt from an interview conducted with Cyber Security Specialist, Asela Waidyalankara on new technology adaptation and security.
Q: As a Cyber Security Specialist, how do you see the threat to Cyber Security at present?
A: As we all know, as consumers of technology, we are living in an era where Cybercrimes are abundant. It is true that technology helps us largely, but it is the very technology that has put not only our lives, but also enterprises and large conglomerates at risk. One determining factor is that people are not aware of the magnitude of Cybercrimes, but they are recognized worldwide as a dire threat.
Q: Have you identified any possible measures to implement in enhancing Cyber security?
There are two legislations that can be deployed to minimize cybercrimes. One is Cyber Security Act which contains the outline of how Cyber security incidents should be managed in Sri Lanka and the other is Data Privacy Act which allows the control of data sharing online, and prevents third parties from using citizens’ data without their consent.
A: How important is security for Smart Devices?
Most part of our lives are spent with Smart devices at our fingertips. We use Smart devices, especially Smart Phones to surf web, store personal data, photos and documents, for communication and much more activities. So privacy and data protection are of paramount importance to Smart devices. Recent years saw Cyber attackers tricking users into sharing their personal details and at the same time, these attackers are experts at extracting data from Smart devices. The users think they are safe, but not to be as fast faced technology has opened up new avenues for cybercrimes. Hence, Tech Companies have identified the need to put in more weight into the security aspect.
Q: As someone who is closely observing the latest technology shifts, how concerned are you about the security aspect of Huawei’s new eco-system?
A: When it comes to security, HMS is unarguably up their as one of the best mobile eco-systems with over 20 compliances to its name. GDPR and GAPP certification consists of general data protection regulation and generally accepted privacy principles which help to prevent global data risk. A security compliance, Trust E certification processes personal information to demonstrate responsible data collection by integrating practices consistent with regulatory expectations and external standards for privacy and accountability. Another certification, PCI is a security standard for data security of payment accounts facilitated by developing standards and supporting services that drive education, awareness and effective implementation by stakeholders. EMVCo is a certification which facilitates world-wide interoperability and acceptance of secure payment transactions by ensuring a unified international payment framework which supports a range of payment methods and technologies.
Apart from that, CSA STAR Certification embeds cloud specific security controls and maintains security enabling cloud customers to assess security of cloud services. Moreover, ISO 27001 certification is an Information Security standard intended to bring information security under management control and give specific requirements. Secure development of IT products/Software certification ensures secure software development by incorporating security practices into each phase of software development life cycle.
Having gone through the compliances associated with HMS, I am confident that Huawei’s new eco-system is well secured in terms of privacy and data protection. One key addition to HMS is Huawei ID which can be considered as a sheer shield which protects data from any fraudulent acts.
Cyber Security Specialist Asela Waidyalankara