Social media is a powerful tool for engaging communities on the topic of cyber security and raising awareness, a young digital apprentice is demonstrating.
Since leaving school, Katie Sanderson – now 19 – has transformed herself from a security newbie into a cyber security warrior by harnessing the power of social media at a family-owned security firm.
“I grew up in the generation of posting everything online, unaware of the dangers, but then I discovered a world of cyber crime and hackers,” she told Computer Weekly.
“Discovering the apps that I have grown up using, such as Snapchat, WhatsApp and Facebook, might be leaking my data – or worse – was a real shock.”
Driven by curiosity, Sanderson scours the internet every day after work and at weekends for credible case studies on a wide variety of topics, including things such as wearable tech, driverless cars and even the European Union’s General Data Protection Regulation (GDPR).
“Using Twitter is great to raise awareness fast – I managed to get more than 1,000 followers in less than six months for our company’s South East Cyber Security Cluster.
“Cyber crime is global and doesn’t care about your geographic location. The more we find for people to read, the more they’ll understand the daily risks they and their companies face,” she said.
Posting information from credible sources on Twitter, she said, is a quick and easy way of getting vital information into the public domain about things such as zero-day exploits.
Read more about security awareness
- UK organisations are putting reputation, customer trust and competitive advantage at greater risk by failing to provide their staff with effective security training, a study reveals.
- Cyber security awareness is still in its infancy in most organisations despite the quick returns it can deliver, says the Sans Institute.
- A continual security awareness training program is important for an enterprise’s culture.
- Security awareness training can be effective, but how should enterprises select the right third-party program?
As well as working online, Sanderson’s job includes promoting security-related events for customers and non-profit organisations geared to raising awareness and improving security capabilities.
When her company, Lockcode Cyber Security, was tasked with delivering the UK’s Most Innovative Small Cyber Security Company of 2016 awards at InfoSec for techUK and the government, she contacted all the companies through Twitter, LinkedIn and email to encourage them to join in the campaign leading up to the competition final.
“We had no marketing budget – when you ask people to help raise awareness of your campaign on such an important topic, I have found they are usually happy to join forces,” said Sanderson.
Lack of cyber security education in schools
Not long out of school herself, she believes that much more needs to be done about online safety in schools.
“My friends and I never had any training in how to protect ourselves on social media. Learning about threats and telling my friends shows how concerned we all are, but most have no idea how to enter the cyber security world,” she said.
Sanderson said there is a need to not only promote awareness of cyber threats and how to deal with them, but also raise awareness of cyber security as a career path that is open to everyone.
“Working in cyber security, I have come to realise that there’s a lack of women in the field, which I was not aware of,” she said.
Sanderson is working to engage other young people about the career opportunities on offer in the cyber security field, particularly other young women.
“I was recently approached by CESG for ‘Girls Development Days’ to present a speech to young women about cyber after being recommended by the Cyber Security Challenge,” she said.
Sanderson said cyber security is no longer something she “rolls her eyes about” now that she realises how important it is. ... ... ... ... ... ... ... ...