Stephen Hawking, surely not a cyber security researcher but a great physicist who changed our perspective on universe, passed away yesterday at the age of 76. He has been a great inspiration to many people with his enthusiasm for understanding universe.

“My goal is simple. It is a complete understanding of the universe, why it is as it is and why it exists at all.”

His disease, amyotrophic lateral sclerosis (ALS), disabled him to do many things but creating value. Through special devices he was able to speak out his ideas and spread his words and dreams. In 2012, a special device called iBrain was developed for him and inventor, Phillip Low, said “We’d like to find a way to bypass his body, pretty much hack his brain”.

Looking at cyber security from Hawking’s view

Not sure that if we really hacked Hawking’s brain with iBrain, but we can certainly look at his words from cyber security perspective. Following quotes from Stephen Hawking may inspire cyber security researchers;

The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge. Intelligence is the ability to adopt change. I have no idea. People who boast their IQ are losers.

“The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge”

Most of the cyber security officers of a company think that they know everything about their assets in terms of cyber security. However, this illusion of knowledge creates illusion of security. The most ironic part of this type of thinking is that the knowledge gained from inside is actually incomplete. We even see that some companies are not aware of their full inventory of assets.

The digital footprint of a company can be seen better from an external look. The assets are not only domains and IP addresses, but also employees. The security awareness of your employees may not be seen from inside, but leaked credentials can hint the level of awareness. We even observe that employees use their corporate e-mail addresses to subscribe unsecure websites and they use the same password used in their corporations’ intra-networks.

Similarly, fraudulent domains and applications can be overlooked and the intelligence you gathered will not pose all the risks.

report

“Intelligence is the ability to adapt to change”

The hackers’ methods change almost every day. A security officer has to change his mind and adapt the way of his thinking. Even the cyber intelligence gathering methods should be adapted. Some information shared online might be irrelevant but it may be weaponized by hackers easily. Thus, you should look at your information online from hackers’ glasses.

“I have no idea. People who boast about their IQ are losers”

We see some CISOs boast about their cyber security levels. However, no matter how secure you are (or more accurately no matter how secure that you think you are) breaches will happen. The first thing to know is the risk that you carry and learn how to mitigate the risk. Our research shows that even the companies who have most advanced cyber security tools can pose very high risks.

See what hackers see.

The insecurity level increases when a company starts to say that they are secure. The illusion of knowledge and security only makes the company more insecure. The knowledge will always be incomplete unless you see what hackers see. Click to learn what hackers know about you.

Rest in peace Stephen Hawking.