Iam tech by trade and in my heart. I spent my youth reading and writing low level code. Still, in the field of cyber security I have learned not to underestimate humans. 🙂 This lesson was reinforced when I participated in two hackathons related to helping humans in the extraordinary times we live in. Here are a few notes about how it felt.

Projects, researchers, proxies and the people

First some background. For the past couple of years our research group has worked on an EU project called CS-AWARE. Its longer title goes like this: a cybersecurity situational awareness and information sharing solution for local public administrations. Pioneers in the project have been the administrators of Rome and Larissa.

In the project our research partners and we have applied soft systems approach and analysis in order to think beyond the tech and to keep the humans in the equation. Local public administrators are definitely most human in a positive way, actually in the project they have been so welcoming that I wouldn’t mind living in Rome or Larissa. 🙂

Moreover, public administrators serve the people and from a project perspective they are proxies that represent the public and their needs. As a tech researcher I have too rarely stopped to think about those who are at the other end of the spectrum, the people.

Enter hackathons

I got my chance to stop and think. In April 2020, a local startup team, Signet Digital, decided to participate in two COVID-19 hackathons and asked me to spar them.

First one was the Global Hack — Fighting a Global Crisis -hackathon. Over 12k participants from 100+ countries worked on 500 projects that could help authorities and citizens deal with the crisis. Team’s final submission made it to top 10 solutions to the governance challenges the authorities are facing. Governance track was especially prestigious to us Finns as it was led by Toomas Hendrik Ilves, former president of Estonia. Hopefully with team’s solution the authorities, organizations and practitioners will be able to resume and scale their operations online without having to compromise privacy or trust.

Second one was a European Commission initiative called the EUvsVirus hackathon. This hackathon was even bigger, it received stunning 2160 submissions that proposed solutions to challenges our society faces in the crisis. Signet was chosen in the top three solutions in the fight against crime, one the 37 challenge categories. Team’s winning idea helps both to protect business transactions against CEO and invoice frauds and to upkeep confidentiality in healthcare-patient relationships even when online.

What did I learn?

Remote work and emergency mode in the supply chains puts an extra stress on cyber security as well. Cyber crime is a real threat and criminals are seen ready to exploit extraordinary times. All this slows down how we respond to the crisis as a society and an economy.

Data leaks from businesses and authorities fuel the crime and leaked data is abused to target people by making phishing attacks smarter. However, as in many of the other challenge categories, also in governance and fighting crime the winning solutions had human components. Humans were seen as a strength, adaptable and essential part of building immunity and reacting efficiently. Too often in cyber security humans are seen as mere passive victims. I was glad to see that in a true large scale crisis response it is not so pessimistic.

Back to the project

After seeing and feeling the human concern over data leaks and resulting impersonation, phishing and fraud it was time to step back to research and tech. It was inspiring and humbling to understand that cyber security research could and should have an impact on preventing and detecting incidents and resulting data leaks and it is not by tech alone.

Now, there is also this challenge by the Dutch government. Its goal is to help citizens to fight against phishing, but that is another story.

Marko Laakso