Вы находитесь на странице: 1из 2

Research Assessment #4

Date: ​October 11, 2019

Subject: ​The world needs to work together to solve Cybercrime.

MLA Citation:
Barlow, Caleb. “Where Is Cybercrime Really Coming from?” ​TED​, Nov. 2016,
https://www.ted.com/talks/caleb_barlow_where_is_cybercrime_really_coming_from?language=
en#t-146888.

Analysis:
This TED talk begins by describing the magnitude of cybercrime. The speaker, Caleb Barlow,
emphasizes how over 2 billion records were stolen last year, with 100 million Americans losing
their health insurance data to thieves. He proceeds to explain how the most concerning part of
this is not the magnitude, but the fact that it was months after the breach that us victims were
even informed about it. The main reason for this lack of communication is the arrogance of
companies, as they are unwilling to publicly acknowledge their own lackluster security practices.
The speaker then proceeds to discuss the creators of cybercrime, the ones completing the attacks.
He states that 80% of all cybercrime comes from highly sophisticated gangs, who on average
steal $445 billion dollars ​annually. ​The speaker continues with this idea by stating how
cybercriminals work together through the dark web, a subsection of the internet where criminals
are allowed to act under pure anonymity. Here, people can purchase malware as easily as they
can purchase a crayon box from Amazon. It’s simple, it’s efficient, and more importantly it’s
effective. Looking at this idea from a business standpoint, it's clear that these are not just simple
criminals, rather they are highly coordinated, thoughtful entrepreneurs utilizing their resources to
make a profit. Using this reasoning, the speaker emphasizes the importance of security firms to
share their information just like the criminals do. This sharing of information will not only
prevent companies from falling victim to the same attacks but will also allow security companies
to innovate at the same or even greater speed than the criminals. This collaboration will finally
allow security firms to get the edge over criminals, ultimately leading to a drastic increase in the
protection of our personal information. The speech concludes with the speaker's idea of
eliminating competitive advantage in the security industry, as this is the only way for pure
collaboration within the industry.

The most important concept of this video is was the idea of democratizing threat intelligence
data. This concept refers to the idea that security companies should publish their cybersecurity
information online for other firms to utilize. However, this idea, although it may be effective, is
impractical. Security companies are competing against each other; therefore, it would hurt them
to give the information they spent their time and resources discovering. It’s very similar to any
competition, as competing organizations don’t expose their findings to their competition, as even
though it could both teams improve in the long term, it will negatively impact the organization
who gave out the information, as they lost their competitive edge for nothing in return. In other
words, it has to be a cooperative effort. All security companies have to agree to publicly publish
their information in order for the industry to benefit. However, not only is this unfeasible
because of the unlikeliness of full participation but it also still negatively impacts the larger
security organizations, as they will be giving away more information compared to smaller
organizations. Hence, this idea of sharing information may be an important tool for security
firms to utilize in order to gain an edge over criminals, but it is too unfeasible currently. This
could be solved in the future by introducing government incentives for publishing information,
but at the current moment, the government is showing little interest in doing so.

Overall, this TED talk was a great choice to analyze, as this video introduced an idea for what
the future of the cybersecurity industry should look like. In other words, it gave me a new goal-
finding a way to incorporate the idea of sharing security information with other firms that will be
beneficial to all parties. Though this may sound simple, this goal gives me something to work
towards in my ISM journey, as now I can focus my original work towards implementing this
idea. Additionally, the level of cybersecurity education needed to understand the concepts
introduced by the speaker was fairly was similar to my level of education, which allowed me to
learn as much as possible from the video.

After analyzing two videos in my research assessments, I have recognized that I learn better from
videos. The main reason for this is because cybersecurity is an abstract concept; it’s not
something that can be physically grabbed and examined. Therefore, it makes it extremely
difficult for me to learn from articles, as words alone don't serve as sufficient adjectives to
describe the concepts. Hence, in order for me to learn from articles, I need to choose articles with
supplementary visuals that will help me understand the concepts. To conclude, videos were a
great start for my research assessments; however, articles will provide me more information
regarding cybersecurity in the long term. Therefore, I need to begin transitioning away from
analyzing videos as soon as the next research assessment.