This week, on the anniversary of the World Wide Web’s release to the public, we are taking a closer look at how web use has irrevocably changed and modernized some of the key industries shaping our lives today, and what this change means for our global cybersecurity.
On August 1, 1991, Tim Berners-Lee’s idea for a global information web proliferated through URLs and hypertext was released for free use to the general public. His vision was a simplified platform for information sharing across the Internet using hyperlinks to link to other relevant content. He called it the World Wide Web.
Fast forward to today, where more than 1 billion websites are now online. People across the world turn to the web as the starting point for nearly every activity done online. While new devices are constantly being developed, making past iterations irrelevant, the web transcends this evolution and pervades new technology, with 50 percent of web traffic taking place on mobile devices.
It’s evident that the World Wide Web has become a foundational technology for the majority of today’s innovations across industries, but it has also created a new land of opportunity for adversaries.
The rapid sharing of information made possible by the web has had immense benefits for the healthcare sector. Berners-Lee initially came up with the idea for the World Wide Web while working at CERN (the European Organization for Nuclear Research), to make it simpler for him and other physicists to share their research over the internet. Similarly, the web facilitates the sharing of medical research between physicians and medical professionals regardless of physical location, thereby improving patient care worldwide.
The healthcare industry also benefits from web applications that enable better communication between doctors, hospital staff, and patients. A good example of this is electronic health records (EHRs). EHRs hosted on the web allow doctors to get a holistic view of a patient’s medical history.
While web applications have improved efficiency and accuracy in healthcare, storing confidential patient information online has also increased the risk of being targeted by cyberattacks. Recent years have produced dozens of breaches involving patient records, with tens of millions of medical or insurance records stolen by hackers.
To best safeguard these new care delivery models, healthcare institutions need comprehensive, integrated security solutions to detect and prevent these new web-based methods of attacks.
The World Wide Web has had a similarly large impact on teaching techniques, overcoming educational barriers, and dramatically increasing the number of educational resources available to students. One of the biggest benefits to education has been the establishment of online learning institutions. Physical proximity to a school or campus no longer determines whether someone is able to receive an education.
As technology becomes more pervasive, and children are exposed to it at increasingly younger ages, teachers have begun integrating it into their learning curriculums. Blended learning has become a popular teaching technique in which students are taught with a combination of traditional face-to-face and online tactics.
Schools are increasingly dealing with 1:1 student-to-device ratios, as well as bring-your-own-device, such as tablets and smartphones, environments. While access to devices is necessary to the success of the curriculum, the increased number of devices accessing schools’ networks can mean bandwidth strain and greater security risks.
To protect student’s personal data, security measures must be implemented that mitigate attacks on the network. A network security framework that supports new mobile devices joining the network, bandwidth demands, and new applications must be deployed to remain successful.
Online shopping has revolutionized the retail industry as a whole, with less importance being placed on physical brick-and-mortar locations. While ecommerce has improved the convenience and experience for shoppers, as well as opened new opportunities for retailers, it does not come without security risks.
The past five years have seen several major stores become victims of major data breaches, losing private consumer data. Target was infiltrated using stolen user credentials, resulting in the loss of payment card information for 41 million shoppers. Online retailers are increasingly targeted by cyberattacks, often through credential stuffing, phishing, or DDoS attacks.
To mitigate these risks, retailers need to ensure they provide a secure site for online checkouts (HTTPS), and encourage unique, strong passwords. Additionally, online retailers have to employ firewalls at the perimeter of their networks, as well as internally for network segmentation. This will assist in preventing attacks from accessing the network, and in the event of a breach, will isolate malware to prevent it from spreading to the rest of the network.
Banks are meeting consumer demands for online access to financial information through a wide range of services and applications from account management, to bill paying, to loan applications.
Now, users are able to accomplish all of the tasks from their computers and smartphones that previously required a trip to the bank. Additionally, banks have been able to use the data gleaned through web analytics to provide more targeted offers to consumers, and to inform market research and investments.
Reliance on digital capabilities and new technologies has also affected the types of skillsets banks consider when hiring, as many applicants now need to have robust IT capabilities. While functionality and user experience are important to financial digital programs, the security of user’s personal and financial information is paramount.
Online banking, though popular, means that individuals now have access to data stored on bank networks – increasing the attack vectors for cybercriminals through applications, endpoints, and more.
Cloud-based services, IoT, increased sophistication of cyberattacks and stricter government regulations are making financial institutions reevaluate their approach to network security. As such, financial services providers need a security fabric that interconnects the key elements of intrusion detection, threat intelligence and analytics, and incident response tools across the entire distributed network to best protect customer data.
The World Wide Web has arguably been one of the most influential advances in technology in human history, and has fundamentally changed the way people approach everyday tasks. However, as businesses across industries harness the power of the web to provide better experiences for consumers, we all need to remain aware of the evolving security risks.
Businesses and other organizations that have benefited greatly from the web also need to recognize its dangers. Businesses must think about providing defense in depth by deploying a range of cybersecurity tools to protect themselves from the bad guys lurking around every corner of the Web. Defense in depth can include several tools -- firewalls, threat analytics, access management, and security information and event management (SIEM) products, and others – but the result of these investments will pay off with a much safer experience for all those that benefit from the innovation and information in the World Wide Web.
This byline originally appeared in Huffington Post.