Navigating together towards a secure digital future 

Vanesa Daza, Vice-Rector for Knowledge Transfer, Universitat Pompeu Fabra

The expansion of the digital world, driven by the proliferation of connected devices and the digitalisation of almost all areas of our lives, has also created a vast field of action for cybercriminals. Digital threats, ranging from viruses and malware to phishing attacks and ransomware, have grown exponentially (more than 70% by 2023) putting data and system security at risk. Protecting sensitive data, safeguarding privacy, business continuity and protecting critical infrastructure have become essential aspects of cybersecurity that have moved beyond the business context and into the private lives of all citizens. 

However, despite their importance, there is a notable gap in knowledge, or in some cases a lack of it (who wants to know my data?), about how to navigate securely in the digital world. The case of passwords, and their (mis)use, is one of them. Recent data suggests that 85% of the world’s population reuse their passwords in different places, and some may not sufficiently protect the password (who reads the technical specifications of how they are stored?), so it may be that this password that was thought to be so secure ends up in the public domain for hackers, who, on average, can crack (the dubious art of finding passwords) 17 out of 20 passwords in less than a second. Add in the fact that the password “123456” was the most commonly used password in 2023, and the gap is possibly even wider than expected, with recent studies suggesting that 3 out of 4 of today’s passwords are still not sufficiently secure. 

This gap not only exposes us to risks and vulnerabilities, but also deprives us of taking full advantage of the opportunities offered by technology. The solution to this dilemma lies in education and awareness-raising, a task that requires an inclusive and generational approach. This is how the proposal of a workshop “P1$$w0rds! (or why it is necessary to choose our passwords wisely)” arises, where we will share with the youngest members of the family in a relaxed way the importance of passwords and how to protect themselves by using them. We not only show participants not to create secure passwords, but also to understand the basics of cybersecurity. Through these workshops we aim to sow the seeds of interest and curiosity in technology and digital protection. 

These workshops are also part of the chair I direct, ARTEMISA, an international chair in collaboration with the National Cybersecurity Institute (INCIBE), the Universitat Oberta de Catalunya (UOC), the Université Paris-Saclay and the Institut Polytechnique de Paris, whose main purpose is to provide society with the necessary tools to understand and face the security challenges that arise in the digital environment, considering a multidisciplinary approach emphasising the importance of regulation and legislation in this area. Strengthening collaboration between the University and the business world is another of the chair’s objectives. In addition, ARTEMISA emphasises the importance of encouraging the active participation and empowerment of women in this field, with the aim of contributing to closing the gender gap and promoting diversity and inclusion in cybersecurity. 

There is still a long way to go in the world of cybersecurity in terms of gender. Not only under-representation (less than 25%), but situations such as those that occurred at the last RootedCon, one of the largest cybersecurity conferences in the Hispanic world, where in front of 1500 people, two experts (female and male) shared the stage to present and discuss a critical vulnerability in railway security. Unfortunately, the omission of her contribution in comparison to her male colleague serves not only as a testament to the challenges faced by women in this field, highlighting the urgency of addressing the gender gap not only in terms of participation but also in the recognition and valuing of women’s work. 

Another workshop we have designed with this objective in mind is the “Hacker Heroine: co-creation session”, where, in an interactive way, children will create the next generation of cybersecurity heroes and heroines. The purpose of the workshop is based on the fact that this type of literature encourages children’s curiosity and interest in the field of cybersecurity from an early age. The chair is committed to creating literature where the protagonist is a teenage girl with skills in ethical hacking and technological problem-solving, which shows them a role model and encourages their curiosity to learn more about the digital world, breaking gender stereotypes and motivating girls to explore studies and skills related to technology and cybersecurity. 

This and digital futures call for active and conscious participation from everyone. In this scenario, education and inclusion stand as critical foundations for designing and protecting our digital environment. Workshops and programmes such as those offered by ARTEMISA are not just educational initiatives; they are steps towards building a digitally resilient and equitable society. On this path to cybersecurity, every action counts, and together we can forge a safe and inclusive digital future for generations to come. 

The festival of technology for all, Tech&Play, offers us a wonderful opportunity to get closer to these workshops. See you next 25th April at Fabra & Coats.