In our first issue of Go Magazine, we introduced Gary Davis, Chief Consumer Security Evangelist at McAfee. Davis works with some of the most advanced cyber security technology in the world to provide up-to-date protection against data breaches through cyberattacks. He also looks for ways to educate the public on how they can best prevent their own devices from becoming compromised.
“We’re working now on putting a quiz in front of our customers to show them some real-world phishing examples,” says Davis, adding that by doing so, he hopes that users will be better able to identify scams.
As IoT (Internet of Things) continues to advance and begins to play a greater role in businesses and the lives of people around the globe, McAfee predicts that this technology will be leveraged more and more for attacks. Davis explains how quickly devices can become infected with malware highlighting the need for cyber protection and education.
“Basically, what the attackers do is first install their malware on a device, and then these crawlers go out there,” says Davis. “To give you an idea of how fast it happens, we actually did a test in our lab. We bought a DVR and connected it; it was crawled and malware was installed in just over a minute. Imagine you plug your device in and about 60 seconds later it’s been authenticated and malware has been installed. It happens that fast. You don’t even know it’s happening and have no idea that your device has become part of a botnet that could be directed on command to go do something.”
So, how exactly does McAfee go about preventing such attacks? According to Davis there are many challenges, as the majority of these transactions happen in the dark web, a notoriously difficult part of the Internet to monitor. “It’s a very interesting time in the cyber security world when these types of things are formulating. Currently, we’re connecting about 4,800 new things every minute of every day. The International Data Corporation predicts that by 2025 we’ll be connecting 158,000 devices every minute of every day. So, you get this massive proliferation of things and a large section of these products really have no effective security controls.”
Davis goes on to add that all of us who are connected to the web are vulnerable to attacks. “The demographic that has the highest likelihood of being a victim is probably your typical consumer,” he says. “Second to that are small businesses, [as they’re not as easily able to recover from data breaches]. A large business is going to have a much richer security infrastructure and layered defenses. They’re going to have endpoint protection, network protection and other capabilities, and spend a lot of energy in most cases making sure they won’t be a victim.”
Before wrapping up our discussion with Davis, we wanted his thoughts on insurance and asked how he prefers to obtain it. Based on the nature of his job, his answer should surprise few.
“Most everything I do now is online,” he says. “I don’t recall the last time I spoke or went and met with an insurance professional.”
He also thinks that the insurance industry, like many other industries, could benefit from simplifying the language it uses.
“I view myself as a pretty informed individual who’s on top of lots of different topics,” says Davis. “I’m always amazed at how I’ll be going through a process and asking questions, and [find myself wondering] how a consumer could possibly know the answer to something that’s such an industry-specific thing. Using simplified language and trying to avoid either industry speak or jargon, I think, is the way to go.
“I know we all get excited about new capabilities, products and services, but if you can’t make it resonate in the simplest way with somebody who’s not living it every day then you probably need to re-think it and simplify things a bit.”