Businesses are preoccupied with ensuring customer security and protecting sensitive data. In such an environment, cybersecurity as a service can be a viable solution for organizations that might lack the resources to keep an in-house security team.
From companies operating in the service sector to governmental institutions and healthcare businesses, one thing unites them all – the need for top-level protection of corporate and customer information. However, how should a company that is not cybersecurity-oriented approach this matter?
To learn more about this, the Cybernews team has talked to Mari Krusten, the Head of Marketing and PR of Cybernetica, one of the oldest Estonian IT companies.
How did Cybernetica originate? What has your journey been like?
Cybernetica is one of the oldest IT companies in Estonia, established already in 1997. However, our history goes back to 1960 when the Institute of Cybernetics was established in Estonia - a research institute that we grew out of.
Today we have 25 years of experience in building future-proof products that rely on research and development. Our unique expertise ranges from secure data exchange to digital identity, i-voting, information security, and more.
We have been and still are one of the strategic partners for developing the Estonian e-governance ecosystem. Currently, our technologies are used in 35 countries all over the world.
Can you tell us a little bit about what you do? What are your main fields of focus?
Currently, our core portfolio is centered around e-governance technologies, information security, and the defense industry. We develop a secure digital identity technology and secure data exchange, which are both regarded as integral components of any digital transformation. We also develop privacy-preserving technologies that help make sense of confidential data while preserving the privacy of the data subject. We also provide cybersecurity assessment services and work with various projects in the defense area, from border control solutions to cyber threat intelligence exchange.
What sets us apart, however, is our in-house research institute. We have historically been well connected with academia, and today, research and development form a strong foundation upon which our technologies are based.
What were the main changes you have witnessed in your industry throughout the years?
Technology is developing and changing rapidly. For example, there’s rapid evolution in IoT, AI/machine learning, and overall digitalization including digital identities. The unfathomable amounts of data collected open up new ways to provide services; however, they also create new privacy and security risks that need to be addressed.
Additionally, when we’re talking about digital services and e-governance, all user-facing services are becoming mobile-first, which creates a whole new avenue of threats. The average user’s awareness or lack of it creates new challenges in the industry.
How do you think the pandemic affected your industry? Were there any new challenges?
From our perspective it was, of course, an interesting challenge to adapt our projects with a global reach – normally, our project teams travel to be on-site, provide stakeholder training, etc., – now all of this needed to be remote, too. It’s quite the challenge to support digital transformation remotely in locations where they’re just about to take the first steps on the journey. However, we adapted rather successfully.
The other side of the coin is, of course, remote and hybrid working and the fact that has brought on new risks, too. For example, how do we identify who we interact with, to make sure it's an actual human being?
Many non-IT companies invested in out-of-the-box (OOTB) remote working solutions and web pages or online stores to continue their business, without actually adequately taking into account the nature of the OOTB solution, their business needs, and associated security & privacy requirements. This can and has resulted in security vulnerabilities. This, in turn, inspired us to start offering cybersecurity as a service to organizations that might not have the resources to keep an in-house team for security assessment.
Since digital identity is a relatively new technology, people still tend to have some misconceptions regarding it. Which myths do you come across most often?
Digital identity turned 20 years old in January. In Estonia, there's an entire generation that has grown up using it, so for Estonians, it's not necessarily new. There aren't that many myths in general, but there are people who have fears concerning the safety of digital identity. Some countries also question safety, and that comes mostly from the fact that they don't know the technology behind it. Some people fear that digital identity can allow watching over people and breach their privacy, but that is totally false. Our technology is very transparent and secure, with the highest level of certification. Our digital identity technology is currently used in all of the Baltics as part of the Smart-ID service.
What aspects of our daily lives do you hope to see enhanced by technology in the near future?
Automation, digitalization & IoT are definitely where enhancements will be made soon, and these will have an impact on our daily lives. Hopefully, most of those impacts will be positive, even if they require changes in how we work and live. However, a big caveat to consider is that many of these enhancements may come with a cost to privacy and security. Mainly because such innovations may not be developed following the principles of security and privacy by design. The question mostly relates to the additional costs and how to find a balance between innovations, privacy, and security.
New laws and regulations are being created to ensure secure software development. Companies are making an increased effort to educate consumers to make informed decisions. But to some extent, it's also the responsibility of the consumers to make an informed decision and opt for security solutions and services, as security comes with a cost.
Future-proof technologies are a lot more than just privacy and security. They should also take into consideration how a new solution or system could be kept up to date as technology advances, without the need to build a new system. However, the above example highlights the need to anticipate and prepare for the future to minimize and avoid risks in the future.
You often mention the importance of creating future-proof technologies. What threats do you think will emerge in the near future?
As times evolve, the opportunities for cyberattacks do, as well. While it is difficult to predict the future, looking at previous trends, it's most likely that the same threats remain. While the attacks increase and the technology that ensures it does as well, we constantly have to make sure we're one step ahead of others. So in a way, it's a never-ending process where we constantly have to upgrade our technologies. The biggest issue is awareness, not just the technology itself.
What types of solutions or tools would you recommend to average individuals to stay safe in this ever-changing technology landscape?
An obvious solution is to be cautious and mindful when sharing or storing information. We can do a lot for our safety simply by keeping in mind that not all the information should be public, let alone shared on social media. People should make sure their wifi is secure or use VPN, also have strong passwords, and make sure not to use the same ones everywhere. It is important not to save passwords on browsers either.
Our digital identity technology is a tool that is very beneficial to average individuals because it provides all users with a secure digital identity that is only accessible to that user. It also has a well-tested unique cryptographic solution that even allows online banking to be conducted from mobile devices.
Another safety tip to keep in mind is to have security setups on your devices or to be mindful of how much access we give to different apps on our phones. These are very easy recommendations that will save many people from unnecessary hassle.
Share with us, what does the future hold for Cybernetica?
Cybernetica continues to be the best at what we do — continue to develop, deploy and maintain mission-critical systems globally.