Ex NSA Analyst, Oren Falkowitz left the agency in 2012 and went on to co-found two different start-ups, Sqrrl, and Area 1 Security; both of which analyze and stop cyber threats. His latest venture, Pineapple Sparkle, is a comic book he uses to showcase his thoughts on America’s current state of online security. Falkowitz says that the book is being sponsored by Area 1 Security, is written by himself, and illustrated by comic book artist Francois Vigneault.
Despite the rise in phishing attacks since 2005, cyber security is still being ignored or underplayed by the majority of companies. For months now we’ve heard of various companies being ransom ware victims, and even most of the east coast without popular online sites for a day. Falkowitz has captured this essence in his comics.
“Cybersecurity compliance trainings are often mandatory but ineffective in giving employees the tools they need to handle basic, common threats like phishing,” Falkowitz said.
He also stated that cyber security education isn’t effective because people feel like they are being forced into training, therefore harbor regret toward it almost instantly. Another reason he said current methods aren’t working is because of the way information is given. In the majority of employee education about cyber threat prevention is handed to them in steps.
As he notes in his comic, a lengthy 64-step process isn’t all that’s needed. “It’s not practical for students or employees to follow a 64-step process,” as Falkowitz put it. He also said that the step by step process isn’t consistent with the way actual cyber-attacks happen.
He thinks the same kind of motivation that gets people to click links, and to download files, or even to do their job is needed to educate people about cybersecurity measures.
If I sent a CFO a financial spreadsheet that looked like it was coming from the CEO, she would be all but forced to open it. The technology needs to be right there with her, ready to help her if needed.
He stressed that the exact same systems for other safety issued need to be stressed for cybersecurity. He mentioned the fact that airbags and seatbelts are included as part of a car’s safety protocol, not just asking people to drive safer. He also thinks that the entire process needs revised, and some additional steps added.
Falkowitz also stated that the whole system in which people are caring for cyber security needs to be changed completely. With this, he explained how often times people will think that the credit card companies themselves are the only ones that are targets, but we see hackers targeting the smaller stores such as Dairy Queens and gas stations. While these are major processing centers for stolen card data, many people aren’t realizing how much of a difference good cyber security would have helped thousands remain unharmed.
Falkowitz comic is going to be aimed not at home consumers just yet, but at the smaller businesses that are being affected first; according to his views on the whole system itself. He thinks that working from the bottom floor at the gas stations and Dairy Queens will help more than offering it to major companies just yet. He also said, but didn’t specify, that there were going to be a few Silicon Valley companies that would become aware of his comic very soon.