- CICR-Daily FT event highlights dangers of social media and importance of cyber security to future leaders of the country
The third Annual Youth Cyber Security Summit, as an extension of the seventh Annual Cyber Security Summit organised by CICRA Consultancies and the Daily FT in September, attracted the attendance of over 350 schoolchildren.
All of these students were sponsored to attend the event by cooperate entities that believe in protecting the next generation through education and awareness. The event was originally part of CICRA’S corporate social responsibility initiative, which has evolved to be part of the Cyber Security Summit as its importance and impact have grown more apparent with each passing year. The Youth Summit is now an integral part of the overall summit and instructs the younger generation on the responsible use of social media and digital devices and the pitfalls they pose.
Above all, the summit aims to educate the students present on how to handle and overcome cyberbullying in today’s online world.
In a world where 14% of teenagers have considered suicide due to cyberbullying and 90% of them regard it as a real issue for children their age, this is a crucial awareness-building exercise for the young participants of the summit.
The event was also attended by high-profile veterans in the ethical hacking and computing industry. CICRA Consultancies CEO Boshan Dayaratne started things off by briefly explaining the objectives of the youth summit: educating students about just how unsafe their online information is. This was followed by a demonstration of how the CICRA team had retrieved the login details of those who had connected to the free Wi-Fi provided at the premises. This exercise made quite an impact on all those present, driving home Dayaratne’s advice to the students to take their cyber security seriously.
Lax cyber security
The keynote speaker for the Cyber Security Summit was Dr. Sam Bowne, a DEF CON veteran and the founder of InfoSec Decoded Inc. as well as an instructor at City College, San Francisco, the US. His years of experience as an ethical hacker gave him ample content to conduct a presentation on how vulnerable the apps and websites of companies, multinationals and other organisations were.
He drew from real-life examples of banks, universities and corporate entities that had vulnerabilities in their Android apps and demonstrated how he had reached out to have those deficiencies accounted for. The most poignant moment of his session came when he emphasised that “the people whom we trust to run all the companies in the world have no idea what they are doing” in terms of cyber security and protecting their clients’ and customers’ information.
Dr. Bowne later stated that in the US, the social media situation was a huge problem.
“To be fair, there are benefits and costs, but people use it foolishly and then they get in trouble. People need to learn to be careful with social media the same way they are careful with other things, like driving and eating and such. But I think the important thing for us to understand is that the older generation often cannot comprehend how to teach their children about the internet, social media and related things,” he replied when asked about social media and why people do not treat it with adequate caution.
This revealing session was followed by a discussion led by ISM APAC Global IT Director Uditha Wijesundara. In his interactive session, he highlighted the risks of social networking in the age of digital transformation and spoke about the impact of social media and how users were making themselves vulnerable by publishing their information online.
He displayed the statistics behind data and social media usage, leaving everyone to wonder just how much information was truly out there and how things would turn out if one mistake led to everything being exposed.
Wijesundara’s most stunning revelation was that social media giant Facebook collected user data from 19,000 different angles. He also demonstrated why one should never compromise one’s digital privacy without asking why, when he asked an unsuspecting student to unlock his phone and hand it to him.
The gravity of the global cyber security threat, as demonstrated, seemed to hit home with the students in attendance.
“Dr. Bowne spoke of things that enlightened most of us, Wijesundara showed us the risk of social networking; these are things we didn’t really pay attention to, even though we know them. Now we have been made to think about what would happen if our information gets leaked. We know that this is something that could possibly happen, but we never think that it will happen to us. If these massive companies that we place our trust in, our money in, have security issues, and you think about the local companies, the question is what if those companies are being hacked and they just don’t know it?” remarked Ahmadh Booso, 19, a student of Zahira College, Colombo.
“I regret doing whatever (social media-related practices) I’ve done in the past, after listening to these speeches and I feel like I have to change my lifestyle. This is clearly going to benefit me because my exams are coming up. It’ll stop my addiction (to social media). When Dr. Bowne spoke, I thought to myself ‘why are these companies so irresponsible? Why don’t they do anything?’ We trust them and they don’t respect that and I think it’ll be hard for us to trust any company hereafter,” said Illakyah, 16, a student of Advent International School, Negombo.
“The sessions taught me a lot about cyber security and how our information is easily hacked when we connect to free Wi-Fi. We were shown things we didn’t even think were possible and I think now we are more aware of things than before,” added P.R. Praveen, 17, from S. Thomas’ College, Mount Lavinia.
The teachers accompanying each student delegation, most of them teaching Information Technology and Computer Science, had more to add about the impact of these sessions.
“Although I am an IT teacher, I took social media very lightly. Coming here, I realised it was a serious issue. I want to be more secure and teach my students to use social media in a more secure way. In a few years, everything is going to be digitised and you won’t be able to stay away from social media. I have accepted that but I never stopped to think how this would negatively impact children specifically. We need to find out more ways to become secure online. The students have definitely learned something they didn’t know at the summit today, and so have I,” said Methodist College, Colombo IT Teacher Gnanamoney.
Experts such as Cellebrite, Israel Managing Director Arthur Veinstein spoke at length on the subject of Digital Intelligence and why it was essential to make the world a safer place. The recurring theme throughout the sessions was how unsecure digital channels were, and how people place too much trust in companies to protect their data. Veinstein also instructed his young audience on the importance of awareness and risk assessment when it comes to handling social media or personal information on any online platform.
Hatton National Bank Plc’s Deputy General Manager Risk, Chief Risk Officer and Chief Information Security Officer Damith Pallewatte used the results of his assessments of the responsible use of technology in financial services to enlighten the participants of the youth summit. This session focused on banks, online banking portals and the like. It proved to be insightful to the audience, who were made aware of the various facets of finance.
National Institute of Business Management Department of Computer Science Head Dr. Buddhima Subasinghe conducted an enlightening session aptly titled ‘Stepping into a SMART World as a Visionary Leader’.
She commented on the emerging global trend of relying on social media and the internet and advised the younger generation on how they could use the tools available to them to their advantage. Her session centred on inspiring the audience to utilise social media and the internet wisely, so as to benefit from them and not fall victim to their negative effects, which are currently presented as normative.
Securing online information
Sri Lanka CERT CC Information Security Engineer Dayalan Nagaratnam was also part of the esteemed panel of speakers.
His session focused on safe internet use and he spoke extensively about how the younger generation of internet users could secure their portals and information just by thinking before posting and paying attention to warning signs.
As the final session of the day, Nagaratnam’s ideas offered a satisfying conclusion to a day which was spent exposing vulnerabilities in systems and portals that people usually place blind faith in.
Between these highly informative and data-driven sessions, CICRA Consultancies conducted a few more hacking demonstrations. These were interesting and instrumental in revealing the drawbacks and associated risks in many online platforms to the audience of students. They served the dual purpose of educating those present and making them hyperaware of the dangers they faced every day when they connected to online platforms or used free Wi-Fi. They also provided a change of pace from the instruction-based sessions. Each hacking demonstration was earnestly observed with renewed interest by all students present.
CICRA provided refreshments to students, teachers and speakers during the day, so that students’ focus would not drift. There was also much discussion among the students about the content of the sessions that were conducted, with each school delegation carefully dissecting the importance of cyber security.
With the goal of the youth summit being to educate schoolchildren on the lack of safety in the online world, it was encouraging to hear student-led discussions taking place between sessions and ideas being exchanged about protecting identities and staying safe on social media.
Speaking on the renewed interest behind hosting the youth summit and the Cyber Security Summit, CICRA Consultancies CEO Dayaratne stated: “As Sri Lankans, we are still recovering from the devastation of the last few months. These tragic circumstances leave us with the stark realisation that we are not safe – our homes, offices and country’s security are at risk and it is up to us as a community to prevent tomorrow’s threats today. One approach to see this dream come to fruition is to educate the young – they are the future of our country and if they grow up with a sense of awareness and actual knowledge and facts regarding how cybercrime happens, then they can make sure that intelligence does not go to waste when they are in power.”
All sessions conducted by industry experts and influential personalities at the third Annual Youth Summit on Cyber Security contributed to its success. Dr. Bowne’s eye-opening talk and demonstration set the tone, along with the graphics onscreen, indicating that cyber security is a serious issue that has many aspects and deserves lengthy discussion at every turn. Wijesinghe and the other speakers expertly handled the dissemination of fact and opinion to the young audience, with each of their sessions keeping the students, teachers and guests interested and alert to the fragility of online security.
Each speaker imparted invaluable knowledge and expertise that increased the value of the summit immensely. Students had much to gain and left the summit with insight, information and data that they could never have obtained from anywhere else, with the determination to be better at protecting themselves online.
The strategic partners of the 2019 Cyber Security Summit were Cisco and Visa. The co-sponsor was Cellebrite, Israel. The official payment network was LankaPay, insurance partner was Sri Lanka Insurance Corporation, official printing partner was Lake House Printers and Publishers, hospitality partner was Cinnamon Grand, creative partner was Triad and electronic media partner was TV Derana. Sessions are available online at www.ft.lk for viewing purposes.
Pix by Upul and Ruwan