Security expert Åsa Schwarz on digital threats and cybersecurity
How did your interest in cybersecurity start, and what is cybersecurity actually?
I started programming as a child, but came into contact with cybersecurity during a summer course while studying at university. Then I was hooked.
Cybersecurity nowadays is a broad concept meaning that you work systematically to ensure that information in systems and networks is available, correct, and can only be accessed by the right people. The big difference today is that all businesses are completely dependent on IT, which makes security and secure systems even more important now than ever before.
Is cybersecurity completely detached from physical security, or how does it all link together?
In the past it was detached, but now the two are very much interlinked. Our locks and alarms are digitalized, and it’s as important that the bolt in a lock is as robust as the IT system behind it. If you have biometric solutions such as those from Precise, it's even more integrated.
What are the biggest risks today, and what are your best tips for staying safe?
Hackers try to gain access to either money or information, and we see that in some countries criminal hacker groups collaborate with state actors. It makes a big difference whether you’re a private individual or a company. Private individuals are often targeted by fraud and phishing. Companies often have a much broader risk profile, facing everything from ransomware, where a criminal encrypts your information and hard drives, DDoS attacks, where systems become unavailable, to problems with suppliers who have security problems themselves. And we mustn’t forget that many incidents are due to user error or poor systems.
As a private individual, you can keep in mind some basic measures such as always having backup, multi-factor authentication and long passwords. But above all, you must be alert when things are not as they usually are. Companies need to work systematically with cybersecurity throughout the organization.
What is the most common misconception related to cybersecurity work in organizations?
One of the biggest preconceptions is that it’s the IT department’s problem. Many breaches and errors are caused by users making mistakes. Management and, in some cases, the Board of Directors must also be involved in determining the risk appetite and focus of security work
How do you see the role of Precise’s offering in cybersecurity?
Precise has several different solutions that increase security while making life a little easier for users. One typical example is fingerprints to open a mobile phone, computer or car. Support for visitor management is also an important part of a company’s systematic security work.
How do you think digital developments and cyber threats/risks will change going forward?
Right now, the world around us is extremely turbulent, which means that companies must find ways to continuously manage new risks. Criminal activity online has also increased significantly, which increases the need for security.
Will those who develop cybersecurity solutions or the “cyber villains” win at the end of the day?
That’s the classic question. I think we’ll continue as before, with the villains constantly challenging and finding new ways, while those of us working with security are constantly learning and improving. The big trend is that those that are good at managing incidents are also the ones that perform the best.
You’re not just a cybersecurity expert, but also an author – how do you weave that into your books?
Although all my books are thrillers, some also deal with cybersecurity. For example, Master of Dolls has elements of artificial intelligence and security, and The Seven Keys is a hacker thriller.
About Åsa Schwarz
Board member at Precise Biometrics and Enea, and Head of Business Development at Knowit Cybersecurity & Law. She also writes thrillers.