CYBERSECURITY & DIGITAL PRIVACY: Roundtable.

• Position: Discussion

Every month, Utah Business partners with Holland & Hart and Big-D Construction to host roundtable events featuring industry insiders. This month we invited the top cybersecurity and digital privacy specialists to discuss security breaches, privacy tools, and mitigating damage. Moderated by Romaine Marshall, cybersecurity and digital privacy lawyer with Holland & Hart, here are a few highlights from the event.

CYBERSECURITY AND PRIVACY ARE TERMS THAT ARE USED INTERCHANGEABLY. WHAT IS THE DISTINCTION?

Kate Riley | Director of Information Security & Compliance | Braintrace

Cybersecurity is safeguards of information systems, and privacy is about the data itself, the individual. So you compile information that tells you that 'I am Kate Riley and that's my privacy,' and the safeguard is where is it stored, how do you get access to it, how's it distributed?

Elaina Maragakis | Attorney | Ray Quinney & Nebeker

The privacy end of it would be things like, can we monitor this employee's email? And what kinds of accounts can we get into? What kind of information can we ask a candidate or employee for? Can we put up this video camera? Can we turn the audio on? And the other related issue is really what is private information? Which we all know is vast, and if we get into Europe we're in a whole new ballgame because everything is private information.

WHAT ARE THE MAIN TYPES OF CYBERSECURITY INCIDENTS YOU EXPECT TO SEE IN 2019?

George Phipps | VP of Strategic Services | NetWize

The proliferation of IOT is going to create a monumental risk that we don't really understand yet, this value of data and what can data do to predict or forecast business trends. Now the market is saying go out and gather all that data, but the devices that are in place are not built to be secure, and so now you're going to be ingesting this data that you don't know where it's coming from. And so that pressure we're going to get from clients as we talk about where are you forecasting your business? What are your three to five year plans? And they say, 'Oh, whatever my plans are, I wanna grow; I wanna build; now let's start ingesting and analyzing data.' Now we're being pushed out to the edge without being prepared to say, 'How do we secure that edge?'

Robert Jorgensen | Assistant Professor | Utah Valley University

I think we're going to see smarter phishing schemes. We're going to see business email compromised, using Al to really create these wonderful lures of people. I mean one of the things that we've seen is that phishing and BEC works, and if the money's there, it's going to keep happening. It's just going to get more and more sophisticated.

I think IOT's also going to be an issue. We're already seeing crypto malware that's using an IOT to do crypto veining. When you start looking at those devices, we could be back to denial of service like we used to have but from within your own IOT devices. So I think that we're probably going to see more of the same, especially at the small business level, is it's going to be the BECs because they're...