Your Smartphone Is ALWAYS Listening: Q&A With Cybersecurity Expert Moschovitis

The Facebook data appropriation by Cambridge Analytica is just the tip of the iceberg, according to cybersecurity experts. In fact, our data is being culled from a variety of sources and our ability to stop it is essentially impossible.

Did you know, for example, that our smartphones are always listening to us and culling our information, even when they are turned off? I didn’t.

In lieu of going completely off the grid, the best course of protective action from bad players, according to Chris Moschovitis, CEO, tmg-emedia, is having strong cybersecurity. Moschovitis has just written a seminal book on the subject, "Cybersecurity Program Development for Business: The Essential Planning Guide." It is a breezily written, accessibly explained guide that, he explains, “demystifies cybersecurity for people so they can understand what it is.”

I sat down with Moschovitis for more on the topic.

Charlene Weisler: Where are we today in cybersecurity?

Chris Moschovitis: We are nowhere near where we need to be. The best analogy I have heard is that cybersecurity is now where we were when seatbelts were mandated in the 1970s. If you recall, after a lot of research, there was a law passed that mandated the use of seatbelts in all cars. There was uproar and a lot of resistance….

In cybersecurity, we are now in the era where there is still resistance. Some people don’t understand why they need to pay attention to cybersecurity and may resent the fact that they now have to deal with one more technology problem.

But it is not technology. It is risk management.… You see data extricated everywhere. People use free services where they are the product to be sold as in the case of Facebook and Cambridge Analytica where they are harvesting your data and selling it.

Weisler: And beyond your own data, your friends’ data.

Moschovitis: Absolutely. That is the beauty of all of these free services. They harvest your data and all of your connections’ data. They also harvest your geolocation data, behavioral data, they know what time you get up, they know what time you go to bed, they know what you buy, what you like and dislike, your political affiliations, drug issues, sexual preferences, everything that you can possibly imagine. …

Weisler: So left unchecked, where can this lead?

Moschovitis: This leads to the elimination of privacy as we understand it, even at the most elemental level. If you are good with that idea, fine. But if you are not good with it, them you have to start regulating it, whatever that means. And this is a lot harder than it seems.

Weisler: I never knew that my smartphone was always in use when I was carrying it around.

Moschovitis: All smartphone sensors are in use all of the time. Therefore they can record all of your information. They know your geolocation because they have a GPS capability….

There are several phones that even when you physically turn them off, the phone is not really turned off. It can be reactivated, it can be hacked and reactivated remotely, cameras and microphones can be turned on, even though the phone is off. The only sure way to know that a phone is off is to remove the battery, and that is becoming increasingly difficult now….

So if you plan to have a private meeting and discuss things that are confidential, all of those devices need to be out of the room: Alexa, computers, phones and even wearables.

Weisler: What are your views on the Internet of Things?

Moschovitis: I have a love/hate relationship with IoT. I love the facilities and the prospects of the wonderful services I can get through it but I am also concerned that many of the manufacturers of devices in IoT do not consider security or consider it as an afterthought.

So then you have products flooding the marketplace that don’t obey standards, are not up to date, don’t have cybersecurity integrated from the design… so they become easy targets for hackers and they can be used for very destructive ends.

Weisler: What can a media company do to best prepare for the future?

Moschovitis: My advice to anyone is to understand how critical cybersecurity is to their existence. In the absence of cybersecurity, all of the assets that you have, all of the assets that you create are at risk. No matter what the size of your company is, you have to develop an actively managed cybersecurity program that is right for your business.

Next story loading loading..