What Do You Think of When You Hear the Word “Cybersecurity”?
For many people, the answer might be “hackers”. But according to Professor Ivan Damgård, cybersecurity is about something much more fundamental: How we can have a secure digital society at all.
Most of the people we need to “protect” ourselves from are not hackers. They may be acquaintances, bank employees or companies.
In short: all the other people we do not want to share our secrets with.
Cybersecurity is therefore not only about attacks from the outside, but about ensuring that we share only the information we want to share.
“We communicate on an internet where, in principle, anyone can read our data if it is not encrypted. And we do not necessarily share interests with the people we communicate with. That is why we must ensure that we only provide recipients with exactly the information we want to give them,” explains Ivan.
Since the 1980s, he has conducted research in cryptology, which lies at the heart of much cybersecurity, and in data security.
He points out that humans are often the weakest link in cybersecurity. Even the strongest systems can fail if people make mistakes or are manipulated.
One example is the transition from NemID to MitID. As the system became more difficult to break, fraud evolved into manipulating people into sharing information themselves.
“If the easiest thing is to trick people, then that is what criminals will go after,” he explains.
The professor works on using encryption to close the gaps where data leaks can occur in cyberspace. And the need for encryption has only increased over the years.
The internet consists of a vast number of computers, and the people behind them are more or less trustworthy. If we sent our data across the internet without protecting it, anyone would be able to see it and manipulate it.
“You could say that what we do is, first and foremost, about closing all the major gaps – making sure that people cannot simply sit at home and harvest all kinds of data,” says Ivan. “The next concern is hackers. And hackers only exist because there is a whole layer of encryption ‘underneath’ the internet that makes it work.”
The Next Major Challenge
According to Ivan Damgård, the next major challenge is quantum computers, as they could potentially break today’s encryption.
“The consequence could be a form of digital collapse if we have not done anything in the meantime. And it will take at least ten years to make our systems quantum-safe, which is why we need to start now,” he urges.