Digital apprentice turns social media into power security tool

Social security is not only a source of info for attackers, but a powerful way to raise awareness of security, as a young cyber security worker is demonstrating

Social media is a powerful tool for engaging communities on the topic of cyber security and raising awareness, a young digital apprentice is demonstrating. 

Since leaving school, Katie Sanderson – now 19 – has transformed herself from a security newbie into a cyber security warrior by harnessing the power of social media at a family-owned security firm.

“I grew up in the generation of posting everything online, unaware of the dangers, but then I discovered a world of cyber crime and hackers,” she told Computer Weekly.

“Discovering the apps that I have grown up using, such as Snapchat, WhatsApp and Facebook, might be leaking my data – or worse – was a real shock.”

Driven by curiosity, Sanderson scours the internet every day after work and at weekends for credible case studies on a wide variety of topics, including things such as wearable tech, driverless cars and even the European Union’s General Data Protection Regulation (GDPR).

“Using Twitter is great to raise awareness fast – I managed to get more than 1,000 followers in less than six months for our company’s South East Cyber Security Cluster.

“Cyber crime is global and doesn’t care about your geographic location. The more we find for people to read, the more they’ll understand the daily risks they and their companies face,” she said.

Posting information from credible sources on Twitter, she said, is a quick and easy way of getting vital information into the public domain about things such as zero-day exploits.

Read more about security awareness

Her work in this area has led to Sanderson being nominated in the “social media” category in the inaugural Security Serious Unsung Heroes Awards taking place on 4 October 2016.

As well as working online, Sanderson’s job includes promoting security-related events for customers and non-profit organisations geared to raising awareness and improving security capabilities.

When her company, Lockcode Cyber Security, was tasked with delivering the UK’s Most Innovative Small Cyber Security Company of 2016 awards at InfoSec for techUK and the government, she contacted all the companies through Twitter, LinkedIn and email to encourage them to join in the campaign leading up to the competition final.

“We had no marketing budget – when you ask people to help raise awareness of your campaign on such an important topic, I have found they are usually happy to join forces,” said Sanderson.

Lack of cyber security education in schools

Not long out of school herself, she believes that much more needs to be done about online safety in schools.

“My friends and I never had any training in how to protect ourselves on social media. Learning about threats and telling my friends shows how concerned we all are, but most have no idea how to enter the cyber security world,” she said.

Sanderson said there is a need to not only promote awareness of cyber threats and how to deal with them, but also raise awareness of cyber security as a career path that is open to everyone.

“Working in cyber security, I have come to realise that there’s a lack of women in the field, which I was not aware of,” she said.

Sanderson is working to engage other young people about the career opportunities on offer in the cyber security field, particularly other young women.

“I was recently approached by CESG for ‘Girls Development Days’ to present a speech to young women about cyber after being recommended by the Cyber Security Challenge,” she said.

Sanderson said cyber security is no longer something she “rolls her eyes about” now that she realises how important it is. ... ... ... ... ... ... ... ...

Read more on Security policy and user awareness