11 Mar Hacking My Way Into Cybersecurity: Views From A Novice

Writing for Cybercrime Magazine is an eye-opening experience

– Steven T. Kroll

Northport, N.Y. – Mar. 11, 2019

I hacked my way into cybersecurity.

I answered a job ad, submitting an application for a public relations specialist at Cybersecurity Ventures, not knowing anything about cybersecurity. Indeed, I’d never even heard the word. I interviewed a week later, accepted the offer the following week and began two weeks after that.

A lot has changed in the 30-plus days since I’ve been here. I went from absolute ignorance to relative knowledge via a crash course in the industry. This got me thinking about what would happen if more people experienced this rapid transformation.

Everybody, whether they know it or not, is prone to cyber threats. Much like the air we breathe, the cyber world pervades nearly all of our lives through direct connection or secondary sources. If there are more people like me out there, and I assure you there are, then most of us are gagging on our own cyber ignorance.

Luckily for me, Cisco and Cybersecurity Ventures published their annual Cybersecurity Almanac during my first week. In fact, it was the first public relations campaign that I put together. The more I read the almanac, the more scared — and interested in cybersecurity — I became.

Here’s my takeaway from the almanac, from the perspective of a person with only one month of experience in the industry. Think of this as a mini version, something that can be packaged for lay people — all of whom are at risk.

What I learned – five facts from the almanac:

1. Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades. Cyberattacks are the fastest growing crime globally, and they are increasing in size, sophistication and cost. My initial reaction to this verged on disbelief. If cybercrime is such a threat, then why did I know nothing about it? Had I lived outside the virtual world for too long? I soon learned that this isn’t just hyperbole, as the facts and statistics in the rest of the almanac back it up.
2. Cybercrimes are vastly undercounted because they aren’t reported — due to embarrassment, fear of reputational harm, and the notion that law enforcement can’t help (amongst other reasons). Maybe this is why I didn’t know much about cybercrime except for front-page news. Who would trust a business that has been breached? Even worse, what if you’re already working with one and don’t know it? But this fact should alarm everyone because those of us in the field know that cybercrime occurs daily against governments, businesses and individuals, and those are just the reported cases.
3. Some estimates put the size of the deep web (which is not indexed or accessible by search engines) at as much as 5,000 times larger than the surface web, and growing at a rate that defies quantification, according to one report. OK, so I heard about the dark web and had some veiled understanding of it, though it was nothing like this. This statistic illuminated the potential and volume of criminal activity that I was so unaware of. 
4. Personal health information is 50 times more valuable on the black market than financial information, and stolen patient health records can fetch upwards of $60 per record (which is 10-20 times more than credit card information). I mean, how many of us have gone to the doctor’s office or been to a hospital at least once in our lives? If so, then you left a gem for cyber thieves to scoop up.
5. There will be 3.5 million unfilled cybersecurity jobs by 2021 — enough to fill 50 NFL stadiums — according to Cybersecurity Ventures. And here’s the kicker — the level of vulnerability that we have compounded with the missing cyberwarriors. Cybercrime grows daily, yet a missing workforce is making it difficult to defend all of us. These jobs won’t fill quickly enough, but with a little effort, we can secure ourselves and the people we know.

And that’s my crash course in cybersecurity for those people who were just like me in my pre-industry life. Can you imagine what would happen if the general public were aware of these few data, if they had a crash course similar to mine? The uptick in awareness just might be the solution to some of the problems we face when it comes to cybercrime and cybersecurity.

Although I entered cyber through a crack in the firewall, I’m securing the vulnerable with my verbal contributions.

– Steven T. Kroll is a public relations specialist and staff writer at Cybercrime Magazine.