The United States Department of Homeland Security has sponsored National Cybersecurity Awareness Month since 2004, and the gravity of this important cause has never been more powerful. With Celebgate terrorizing celebrities and large-scale breaches against corporate giants like J.P. Morgan Chase, Wal-Mart, Home Depot, Target and Neiman Marcus, 2014 hammered home the importance of cybersecurity awareness to individuals and organizations alike.
Nubo Software CEO and Founder Israel Lifshitz agrees that an educated society is a safer one, and that the earlier we learn how to navigate safely in our interconnected society, the safer our worlds – both physical and virtual – will be as a result. Here Israel reflects on the ironic path that led him to champion this cause and develop Virtual Mobile Infrastructure (VMI) as well as the important responsibility individuals, corporations and government share in creating a secure future.
Q: When did you first realize that you were passionate about cybersecurity?
A: I started programming at the age of 10, back in the mid-80s, when there where was no such thing as cybersecurity. In the mid-90s, I started to encounter Information Security managers at work and the way they implemented measures was stifling to my productivity. I actually viewed them as a burden. When I was completing my studies at the Technion, my feelings started to change. I took courses in network security and encryption and my curiosity was piqued by how these technologies worked and protected important communications and data. After I founded SysAid I understood the problems faced by security officers and could relate with the challenges they faced trying to safeguard companies with many employees and critical data systems. I also recognized the contradiction that existed between managing security while trying to provide a quality user experience to your clients. It challenged me to find a way to provide effective security with uncompromised user experience.
Q: Was it this paradox which inspired the creation of Nubo Software?
A: It was definitely the paradox, and the huge gap that existed between user experience and security that I felt need to be solved, and it became an even more prominent issue when as BYOD became a reality for most organizations. This revolution was led by end users who demanded access to tools that they were familiar with as consumers. However, the security measures which IT felt compelled to implement acted as a barrier to providing employees with this flexibility. Nubo was born in order to solve this dilemma and provide the highest level of security and native user experience.
Q: There are various philosophies and approaches out there towards providing security for mobile devices. Why is it so important in your eyes that zero corporate data be stored on personal smartphones and tablets that employees bring to work?
A: It’s a fact that mobile devices are the weakest link to security in a BYOD environment. They’re owned by employees and therefore it’s impossible for IT to micro-manage them. By their very nature, they are mobile and routinely connect to many unsecured networks, and of course they are regularly misplaced and lost by users. If you multiply these scenarios by the millions of employees using BYOD, you can comprehend that even the best CISO in the world cannot ensure that their sensitive data won’t be leaked. In fact, most CISOs won’t even know these leaks ever happened. A security solution that can works on such a large scale must keep all corporate data within a secured and centralized location. This solution must also be able to grant employees the same user experience they are used to in working with native apps. The only solution that can provide both of these important requirements – zero data on devices and native apps – is Virtual Mobile Infrastructure (VMI).
Q: Why is raising awareness on cybersecurity becoming more important as our technology continues to evolve?
A: Technology is always evolving and companies’ are becoming more and more dependent on technology and digital infrastructure. This means that securing the data is increasingly more critical than ever before, and in many ways has exceeded the need for physical security. Banks are a great example of this. They store much less cash on-site than they actually keep within their databases, but have spent significant resources trying to protect physical assets. Over the years, however, their awareness to this reality has seen them devote more focus to protecting their systems from cyber attackers.
Q: If this is the case in private sector, how much more vital is it to use the highest possible level of security at the government level?
A: Businesses that lose client data and money as a result of security breaches is one issue, but when you’re speaking about national security, we are talking about the lives of millions of people potentially at risk. Military and defense agencies are facing a wide variety of cyber threats in parallel to the existing physical threats they already deal with. With these stakes on the line, there simply isn’t any room for error and you need to ensure that the most sensitive data is kept where it’s safest.
Q: While public awareness campaigns like National Cyber Security Awareness Month help educate the public on security, there is a notion that consumers and BYOD users are way behind the learning curve. How can we better educate people to be more security conscious?
A: I agree wholeheartedly that education and awareness are vital to improving the overall landscape for everyone. In our interconnected world, we really are all in this together. High-profile breaches like the iCloud breach have caught taken the public spotlight. The lesson that individual users should take away from that incident is that having a mobile computer at your disposal 24/7 comes with its responsibilities. We used to feel as consumers that using safety measures was optional, but we can’t afford to think that way any longer. It’s important that everyone – and of course BYOD users learn and apply the ABCs of cybersecurity measures. I believe the day is coming soon where learning about cybersecurity will be a mandatory course for even high school children.