This is the speech delivered by Philip Hung Cao, Cyber & Zero Trust Evangelist on October 30, 2021 at TEDxHUS. Official video from TEDx is provided below:
Hi everybody, this is Philip Hung Cao. I’m very happy to be here to share with you about the role, value and benefits of Cybersecurity; and how you can prepare yourself to live safer in the post-COVID pandemic and also in the digital age.
The COVID-19 pandemic happened and caused a lot of damage to our society. But it helped humanity to realize the importance of using technology to get through it and start to recover from the damage.
First and foremost, it brings a positive impact to both the government and citizens in many different fields. Because of the requirements of social distance, contactless systems allow sanitation in person and in organizations. And banks, post & delivery service and even government bodies started to adopt these kinds of technology and it helps to reduce the labour cost as well as reduce the so-called F0 positive cases. The pandemic also helps accelerate the automation of fundamental government services because you need to access these services remotely: you need to use your chip-embedded ID card to authenticate to the government system; use the remote insurance or healthcare service on demand and pay the bills for water and electricity directly from the payment system. The government can leverage technology to start building a central national digital system to track the status of COVID-19 across the country; build the mobile app so the citizens can use the app to register themselves to this digital system; update their health status daily and use the app as the digital passport for the vaccination. The pandemic also helps to increase the digital awareness of the citizens. The citizens start to learn how to use the smartphone better and the apps running on it to enjoy the benefits of government services. They start to know what the barcode in the health tracking app is, and how it is used for. They start to use more mobile apps for banking transactions and payment, for delivery; for email; for instant communication with audio and video calls…. And this is a good start for the digital transformation journey of the country.
But there is another side of the pandemic. The wide adoption of technology leads to huge cyber risks including: the risk at the personal level like identity theft; challenges in insecure personal finance account management; also the cyber risks at the organizational level for the banks, credit funds and insurance firms. At the personal level, people still lack knowledge and awareness of cyber attacks. Social media hacking, personal account hacking, phishing attacks; social engineering attacks and blackmail happen all the time. And a worst case scenario is that the victims of the attack consider it a form of unlucky situation and seldom report it to the proper channel. They often keep silent, create a new account and afford the money stolen. So the cyber attacks still carry on to them again at another time. And because they don’t report and share the information with others, other people become an easy victim of the same attack and tactic. At the organizational and higher level, cyber attacks in Vietnam keep increasing and getting more sophisticated, bringing a big impact to the national security and the safety of the society. The urgent requirements to build the system to serve the working from home and remote access purposes lead to vulnerabilities of the system and the increase of attack to the employee while working from home due to limitation of protection for the working machine and environment at home. The supply chain attacks also keep increasing to the organization as they have to open more connections to share the information and data in order to make the whole ecosystem work flawlessly. At the social level, bad, fake and unverified news can be seen and heard everywhere from the social media environment to the online magazine and broadcasting environment, causing nervousness to the citizens.
Then, Cybersecurity comes into this picture and brings along lots of value and benefits. It can help to raise awareness of the citizens so they can protect themselves from cyber attacks. It helps to build a safer digital environment and keep the privacy of the digital citizen who participates in the system; and help the organization be confident to launch better applications and services faster to the market. And the government can embrace cybersecurity to provide safer critical applications and services, so the citizens can feel more confident and comfortable to use them.
So what should we do to embrace Cybersecurity and prepare ourselves to live safer?
At the personal level, we should have a high level of cybersecurity awareness by adopting a Zero Trust mindset when working from home or remotely, or even when surfing on the Internet. So what is a Zero Trust mindset? Start by asking yourself these questions: Can I trust this? If I can not trust this, what should I do to verify? And how should I do that? And of course, the answer should be NO at all times: because we Never Trust, we Always Verify! We should have advanced security protection software installed on our machine, and better don’t download and install the unknown and untrusted software; don’t share or access the strange or unverified links. We also need to be careful while talking with strangers on the Internet. Remember don’t ever share any privacy data like personal ID, date of birth, driving license, your certificates with personal info like marriage certificate, degree certificate, your credit card info, your health info, your home address or even your mobile phone number. And don’t forget to update the installed applications, the advanced security protection software and the operating systems regularly.
At the organizational level, we should adopt Zero Trust as our cybersecurity strategy and architecture first, especially when you think of adopting a cloud environment (like private cloud, public cloud, hybrid cloud or even multi-cloud) to accelerate your business. Don’t think of cybersecurity as a cost center like before. Rather than that, start to think of cybersecurity as a business-driven opportunity and spend more budget to invest for it. We also need to protect our employees no matter where they are, and have secure connectivity with advance protection to our organization so our mobility workforces and branches can access corporate data and applications safely. And continuously monitor and analyze all the anomaly behaviors and incidents; then have fast & automated responses to them. Latest industry capabilities and technologies like eXtended Detection and Response (XDR), Secure Access Service Edge (SASE) architecture and a modernized autonomous Security Operations Center (SOC) would be a great approach for this. By the way, don’t forget to have a shift left approach in your Software Development Lifecycle and train your software developers about secure code practice. Start to build your cybersecurity culture program, beginning with security awareness training to employees. Again: Adopt, Build and Commit to your Zero Trust journey, so it can help you to reduce Total Cost of Ownership (TCO), save your time & efforts, build a cybersecurity culture for the future, as well as accelerate your Digital Transformation journey.
Cybersecurity is becoming more important for our lives, and the only way to live safer in the post-pandemic world and becoming a better digital citizen in the digital era is to understand the role, value and benefits of cybersecurity, adopting it more for ourselves, our families and our society, and don’t ever forget to prepare for a Zero Trust mindset when participating in digital systems and the Internet.
Last but not least, a call to action to our generation of youth (Gen Z, Alpha): I do hope that you understand that it is your generation that can change the world, change the country and move our people forward. I hope you realize the importance of adjusting or changing your mindset to live, study and work in the future. I look forward to a new generation of digital citizens with positive thinking, cybersecurity readiness in mind, full of enthusiasm and aspiration, living with goals and meaning, not afraid of difficulties, pioneering in accepting changes, seriously studying, practicing and continuously improving your knowledge and are not afraid to share your knowledge and experiences with those around you.
Let’s do our best, young people!
Thank you all very much.
Philip Hung Cao
Cyber & Zero Trust Evangelist