What is the current situation in research, politics, industry and what can we as citizens do to be more resilient? For the first blog post, Johanna Seiwald interviewed Sokratis Katsikas, Director of the Norwegian Center for Cybersecurity in Critical Sectors and Professor at the Norwegian University of Science and Technology (NTNU).
Sokratis Katsikas talks about the development of “information security” to “cybersecurity” and the dynamic threat situation. While malware has dominated the reports in recent years, cyber-physical attacks on critical infrastructures are now taking centre stage, as the incidents in Ukraine show. He argues in favour of developing resilient systems and says that cyber attacks are inevitable and trying to get ahead of the criminals is pointless. To address the shortage of cybersecurity personnel, Katsikas suggests expanding educational programmes and retraining courses based on successful strategies for the IT skills gap. AI improves both defensive and offensive measures, but also brings its own security challenges, as criminals use AI for sophisticated attacks.
When asked for personal tips, Sokratis Katsikas recommends the zero-trust approach: “I do trust people, but still, I think the zero-trust approach is the safest one. Especially if one is not trained as a cybersecurity expert. I would suggest to always think twice before you click on something. It is so easy to just click – I almost fell for it myself.”