What is TED?
First off, here is what TED say about themselves:
"TED is a global community and online platform that welcomes people from every discipline and culture who seek a deeper understanding of the world. TED passionately believes in the power of ideas to change attitudes, lives and ultimately the world. On TED.com we're building a clearinghouse of free knowledge from the world's most inspired thinkers — and a community of curious souls to engage with ideas and each other, both online and at TED and TEDx events around the world, all year long."
In my opinion, TED or TEDx is also one of the best platforms to find very good and especially inspiring speakers and amazingly interesting topics.
So naturally, I was thrilled when I received a call from TEDx organizer TEDxKULeuven in Belgium in March 2021, asking me to give a TEDx talk in mid-May. Unfortunately due to the Corona pandemic, the format was a bit different from the normal TEDx talks but to be honest I didn't mind too much.
I've spoken at many security related conferences, large and small events and I'm used to a very diverse audience, but still, TED(x) is always a little different. It's about conveying an inspiring idea to a very diverse audience: the world. And that is certainly not an easy task, even for experienced speakers.
The talk
What have the first ransomware, an airport, 2 diskettes and cybersecurity in common?
Some people want to become pilots, some people want to be doctors. We all have our own dreams. But what if your dream actually comes true? This lecture will take you back to a pivotal stage in the life of Eddy Willems more than 30 years ago. Eddy will tell you two stories of how two different diskettes changed his life forever. The first one, the AIDS Information diskette, even turns up in history books and museums from time to time. The second one infected his mind in some way and drove him into his daily job of helping people by communicating (and giving lectures about) the cyberdangers around us, alerting us to all kinds of risks to the public in general and ultimately trying to make the world a safer and maybe better place. These diskettes could maybe change your life in the future.
The topic
I suppose the abstract made at least clear that some events caused a serious change in my life but that wasn’t the only thing. By travelling and helping several companies and organizations worldwide with their security implementation and policy I found out that we are always confronted with basically the same problems during the past 3 decades. So I created a formula out of it and defined what I call the basics of cyber security, a formula which is easy to understand by anybody:
CSP = TF × MF
Translated to English, this means: "A Cyber Security Problem is the result of Technical Factors multiplied by Human Factors"
In other words, almost any cybersecurity issue is a direct result of a combination of technological and human factors. Most malware would not stand a chance without naivety, curiosity, or other human weaknesses. The only way to resolve this in my opinion is to change our online human behaviour completely which is not always that easy. We are all creatures of habit after all. However by improving our security awareness we may lower the cyber attack range considerably. And yes of course it’s not always the user who needs training but sometimes also the IT administrators. The latter fact often seems less obvious. The best way to improve security awareness is by following interactive and repetitive security awareness courses. (eg. See also G DATA Security Awareness Trainings ) In the long run, however, there is clearly a need to put this inside the basic education worldwide. I wonder if we ever will succeed in this.
I suppose you all guessed by now where my inspiration for the title ‘A Tale of Two Floppies’ came from?