Cyber News

By Michelle Hansen

This year’s International Women’s Day theme, “Balance for Better,” calls for gender parity. Closing the gender gap, according to a 2017 World Economic Forum report, is a key to economic development and “the growth, competitiveness and future-readiness of economies and businesses worldwide.”

The report estimates that closing the gender gap in economic participation by 25 percent between 2017 and 2025 will result in a US $5.3 trillion increase in the global GDP. A key factor in women’s ability to contribute to the global economy is their ability to access mobile technology, including handheld devices and wireless Internet connectivity.

Such access can empower more women to become part of the global business world. But leveraging mobile technology to advance the world economy requires an information-managed process focused on security.

The ubiquitous nature of mobile devices provides the paradigm by which our society works, plays, communicates and stays connected. The paradigm with mobile computing involves the computation of information based on user movement and encounter. Smart devices are both personalized, as with smartphones and wearables, and embedded, as with sensors and Internet of Things appliances. All these connected conveniences create pervasive information systems that go where we go, record what we do, and easily connect to any wireless network in range—all without most people knowing it is happening.

Secure human behaviors empowered by publically available information will guide the users of smart technology in protecting their identity and privacy. Human behavior is repetitive and predictable; therefore, people need to be diligent in using mobile devices, downloading apps and content, and wirelessly connecting to the Internet by using prevention, deterrence, and defense. (PDD).

Protecting personal data from nefarious activity starts with choosing behavior over technology. Users who practice personal security tradecraft techniques to mitigate exposure will develop secure habits and behaviors. Furthermore, this practice alleviates a false sense of security based on technology alone. There are four truisms that can be exploited:

1. Each of us has a distinct pattern of behavior.
2. If another party has access to your data, you must assume a compromised posture.
3. Increasing the levels of security, both in behavior and technology, will increase probability of threat detection.
4. When it comes to defense, simplicity is good, as complexity induces vulnerability.

The use of mobile devices and smartphones in particular exposes both data we have stored and data that is captured by installed apps, towers and networking hardware, and the devices themselves. Hackers can access user data while in transit along insecure connections, as well as through apps that have been installed on personal devices. In 2018, T-Mobile reported that millions of its users had data stolen, including passwords, home addresses, email accounts, and address books.

Assured identity and privacy is protected by authentication and access control systems used to verify account credentials. Email services and apps, device PINs, and network resources including the Internet of Things and real-time systems all use accounts for access and validation.

In constant balance is the need for confidence and trust of users and online entities, with the need to protect the privacy rights of these users and entities. Researchers and businesses continue to look at options for strengthening systems, including using role-based access control (RBAC), biometrics, pervasive surveillance (“Panoptic Effects”), privacy-protecting transformations of data, privacy-protecting data mining methods, privacy regulation (e.g., HIPAA and COPPA), oblivious multiparty computation, and trusted proxy research.

One promising new technology is the use of flexible signatures, whereby a verification algorithm is used to validate credentials in a systematic manner that is quantifiable and trusted. Ultimately, the level to which a person can be confident that their data, identity and privacy are protected is a direct correlation to their own efforts to stay informed of threats and vulnerabilities, and actions to minimize vulnerabilities based on behavior.

March is Women’s History Month, an appropriate time to highlight the link between technology and gender parity. Access to all information systems, technologies and connectivity is essential to women’s full economic participation in the global economy. According to USAID, providing online and mobile access to 600 million women could contribute $18 billion to GDP growth in 144 developing countries. But arriving a full participation must go hand in hand with building awareness around behaviors and threat vulnerabilities, and establishing identity and privacy through trusted authentication and access control systems.

As more and more women adopt mobile technology to advance their position in the global economy, they also can have a significant influence on individual privacy and identity by demonstrating safe behaviors and choices, including choosing secure connections to the Internet, safeguarding confidential information, and avoiding malicious third-party apps.

About the Author
Michelle Hansen is collegiate professor of cybersecurity and computer forensics at University of Maryland University College.