Do you remember a time when you used your mobile phone simply to make phone calls?
For most, those days now seem like the distant past. Smartphones have now become integrated into nearly every aspect of our lives. We use them to monitor our health. We use them to track our exercise routines. We use them to help us get where we’re going, and to keep abreast of the information we need.
And we use them to make financial transactions and shop.
Along with our increased dependence on mobile devices comes increased interest among cybercriminals and hackers. For cybersecurity professionals, this means a proliferation of new attack surfaces – and a major challenge when it comes to securing them.
“We’re at a game-changing moment in the field,” the chair of Capitol’s cybersecurity program, Dr. William Butler, says. “Suddenly everyone is carrying around these powerful, miniature computers, all connected to the internet, and all containing sensitive information that you do not want the wrong people to gain access to.”
“The potential risks are mind-boggling. And we have to figure out how to protect against them.”
The two major mobile platforms – Apple and Android – reflect starkly different philosophies, each with its pros and cons. Android’s operating system, developed by Google, is mainly open-source – an asset to app developers that comes with a potential cost in terms of security. Vulnerabilities are addressed through patches, which must then be applied by the individual vendor that sells you your phone. According to Slate magazine tech writer Dan Gilmour, Android is a “freewheeling mess.”
Apple, by contrast, controls its operating system tightly and automatically sending updates to iPhones. But the closed nature of the Apple environment, critics argue, hampers its flexibility.
Besides the question of how to secure current devices, there is also the problem of older devices that are still in use – but lagging far behind in terms of security.
“A major issue is protecting millions of legacy devices currently in use, which do not have the capability to implement the latest countermeasures (multi-factor authentication, encryption, VPN to name a few),” Butler notes. “The threat to these Internet-connected devices is very real and continues to evolve quickly as public reliance on these devices increases.”
At Capitol, Butler and other cybersecurity faculty are helping educate students to meet the challenges posed by mobile. The Capitol cybersecurity program, a DHS and NSA-designated Center for Excellence in cybersecurity education, draws its faculty from professionals working in the field and updates its curriculum regularly to reflect emerging developments, including the rising prevalence of mobile.
“The challenges are many,” Butler says, “but the rewards presented by these emerging technologies are two important to forgo their use.”
For more information on cybersecurity programs at Capitol, contact Dr. Butler at 240-965-2458 or whbutler@captechu.edu
No comments:
Post a Comment