Visit to get our entire library of TED Talks, transcripts, translations, personalized talk recommendations and more.
In this practical talk, cybersecurity expert Nadya Bartol brings this crucial topic out into the open, lifting the shame around tech mistakes and offering creative ways to celebrate and reward good cybersecurity habits at work and beyond.
The TED Talks channel features the best talks and performances from the TED Conference, where the world’s leading thinkers and doers give the talk of their lives in 18 minutes (or less). Look for talks on Technology, Entertainment and Design — plus science, business, global issues, the arts and more. You’re welcome to link to or embed these videos, forward them to others and share these ideas with people you know.
Become a TED Member:
Follow TED on Twitter:
Like TED on Facebook:
Subscribe to our channel:
TED’s videos may be used for non-commercial purposes under a Creative Commons License, Attribution–Non Commercial–No Derivatives (or the CC BY – NC – ND 4.0 International) and in accordance with our TED Talks Usage Policy (). For more information on using TED for commercial purposes (e.g. employee learning, in a film or online course), please submit a Media Request at
True Crime Queen TV
June 1, 2021 at 4:47 pm
Love your videos! Very well produced. Stay safe everyone 🙏🏾❤️😍
Avi Khant
June 1, 2021 at 4:52 pm
No subtitles on a TED Talk video is crime
Matata McCleskey
June 1, 2021 at 4:54 pm
Sure, tell that to PoonStabber24/7 and DuhQueQueQue42069
Jonathon Jubb
June 1, 2021 at 4:56 pm
Honesty? Don’t see a lot of that about nowadays. Good luck with that….
Peter Petrakis
June 1, 2021 at 5:11 pm
Until cyber security gets integrated into the programming toolkits we use, insecure code will be the norm. It’s just too complex and time consuming to get it all right inline, which means it’s audited after the fact and then it’s fixed. Maybe.
CMDR After Hours
June 1, 2021 at 5:15 pm
The agendas are always under the guise of safety and security. You’re a slave and they’re tightening their grip aren’t they. Fight for your rights, you will not get them back.
DR F
June 1, 2021 at 5:21 pm
Corporations have to agree to fund these multi-faceted solutions – implementation and continued maintenance. Separately, and in general, centralization and automation can help to remove many intentional (insider threat too) and unintentional negative events.
iPad
June 1, 2021 at 5:28 pm
sorry, we had to change this video to dislike.
IS NULL
June 1, 2021 at 6:05 pm
At 2:15, not sure that is entirely accurate. All dates are in 2017 in US format mm/dd; 03/07 CVE-2017-5638 patch released, 03/08 US CERT contacts Equifax, 03/09 Equifax internally requests patching within 48 hours, 03/10 first evidence of exploitation discovered.
Zachary Levy
June 1, 2021 at 6:09 pm
“tell us but then you’re still in trouble” lol. We know what incentive that will create
ken juan
June 1, 2021 at 6:16 pm
What I find appalling is having cyber security “experts” and people in leadership positions with no real background in tech or tech security.
Gil C
June 2, 2021 at 5:51 am
unfortunately it is wide spread. that is why attacks are not getting stopped properly.
Pandaboi
June 2, 2021 at 7:54 am
That’s because there is a real shortage of people with that background. This is doubly bad in the US where tertiary education is an utter shitshow.
azigo_10
June 1, 2021 at 6:23 pm
I do love you ADISA ❤️ ❤️ ❤️.
I wish you would see my massage.
Zenn Exile
June 1, 2021 at 6:30 pm
Better cybersecurity starts and ends with the wall plug. This is a joke, and not a joke. Because the power grid is the largest isolated and secure network on the planet. And had Tesla’s patents not been stolen and hidden, the power grid itself would have been our communication network long before the Military created a more profitable alternative.
If anyone was serious about creating a secure and protected network, developing protocols for information service over the powergrid itself is the answer. Both by creating a new architecture, and through physical network isolation. We could be running a fully-secure powergrid network isolated from the internet and used to share sensitive data. You know, like all the personal and financial information the news keeps telling stories about being “EXPOSED”.
The military solution has always been network isolation. And the power grid reaches everywhere already with physical wires. The internet is not a secure network connection, no matter how much money you spend on security, how razor sharp the cutting edge you are sitting on is. Attaching to the internet is not secure. Attaching to the gridNet, would be. We’d simply have to use a fully encrypted network protocol and protect the technology behind it from being stolen. Then China wouldn’t be able to steal and repurpose every patent developed here, Russia couldn’t attack sensitive infrastructure systems, and the world would have a model for how to secure data that is affordable, and as secure as physically possible.
And bonus, the speed and latency of this kind of network would lend itself to blockchain and lockstep technologies. Forcing the financial institutions who batch purchase investments in the spare milliseconds between transactions to steal all the real profit at the point of sale to wait in line with Joe blow and his sister Karen. You wouldn’t be able to cheat a financial system in this way with an isolated and metered lockstep protocol. Every packet would have to wait in line.
Any more of the world’s problems you want me to immediately solve with a single easy and affordable solution?
Fly High
June 1, 2021 at 7:00 pm
This video is brought to you by Nord VPN
Yossi Kopyto
June 1, 2021 at 7:21 pm
TED – Ideas worth shredding.
आदित्य Aditya मेहेंदळे Mehendale
June 1, 2021 at 7:34 pm
Great talk, great topic,
but curses to the camera-person who thought that side-camera was a good idea!
Why, TED, WHY ???
SophieG
June 1, 2021 at 8:21 pm
Awareness is key!! Happy this is getting more attention🎉
Overonator
June 1, 2021 at 8:41 pm
Bottom line is that if given enough resources and time anyone specifically targeted can get hacked. But at least you can protect yourself against the less targeted attacks by doing the basics right.
Myndi Le Anne Werner
June 1, 2021 at 10:40 pm
I’m pretty sure by how many times it has happened to me that it has happened to us all.
Rafael Pirani
June 1, 2021 at 11:50 pm
Great!
Akshay Deshmukh
June 2, 2021 at 12:01 am
It’s philosophical video.
Please guide properly.
Goolag Tube
June 2, 2021 at 12:46 am
No, it starts by getting the left out of every aspect of life since all they do is subvert & destroy everything they touch.
Lane Atkinson
June 3, 2021 at 1:29 am
Are you lost?
Matthew Morycinski
June 6, 2021 at 5:03 am
Looks like…
Shane Carew
June 2, 2021 at 12:54 am
Turn the internet off, then you’re protected
Ou8y2k2
June 2, 2021 at 1:02 am
An Aussie meat plant was just hacked
Colonial pipeline was hacked before that
SolarWinds was a hack of hundreds of the US government’s exchange servers
Hackers are unstoppable because their ingenuity can’t be systematically snuffed out. As the blue team, you’re always on defense and one mistake means you’re screwed. Meanwhile, a hacker just needs one successful attack vector to bring down a grid, pipeline, or nuclear power plant. The best thing you can do is to educate users on how hackers socially engineer their way to profit, and how to report attempted intrusions.
Njul
June 2, 2021 at 1:31 am
Stop using proprietary closed-source software.
Joe Magnets
June 2, 2021 at 1:43 am
I’m going to talk about a shameful subject, the total corruption of America, by a cult that invented a ‘god’ that chose only THEM and gave land only to THEM. Yet the same answer for cybersecurity is the same for our government and that is HONESTY and ACCOUNTABILITY, that is lacking in America that has been sold by ‘our politicians’ to the insane cult that invented a ‘god’ that has a history of betraying any nation that failed to heed the warning that the lesson history teaches…*NEVER TRUST THE INSANE, whether a ‘god chose them or not.*
Joe Magnets
Greg Wake
June 2, 2021 at 1:50 am
I really enjoyed this. 6 years endured crazy things I’m no programmer I know enough to prolly get me caught and in trouble lol. Source code is our problem especially people who aren’t bad just put wrong things in their hands in confinements of their own home.. Letts say google misperceived u as a Wolfe when your really a harmless little bunny lol u see were I’m going. Bc of talks last few years I’ve started learning languages etc. We are living In some mest up times. Sometimes makes u think is anyone out their still genuine and good? Obviously so, idk how long untill god comes back. But I wish I could be apart of solutions. The problem is not some of the technology it’s the ones putting algorithms in it and getting away with all but murder and slowly that.. Ted talks are awesome. Keep sharing your ideas and giving people the tools they need. God bless u all
david marilley
June 2, 2021 at 2:58 am
Palo Alto Networks….end of the story.
Алла Пирогова
June 2, 2021 at 4:15 am
even better without an audience
Cool Robot
June 2, 2021 at 7:08 am
While I think this is standard generic advice for the younger generation, a lot of the older generation including my parents do need to be more informed about this sort of thing.
Jacob
June 2, 2021 at 10:24 am
*sees the title*
Tell that to Russian Cyber-bois
下北沢・渋谷
June 2, 2021 at 12:53 pm
、
JR Chicago
June 2, 2021 at 12:54 pm
⚠️ Encrypt everything and open nothing are obviously impractical. What about dIviding the risks? Start by thinking if email and browsing were on one physically isolated network and tight internal ops on another – like having two computers on your desk like they do commonly at DOD (but perhaps done with one with a hosted KVM or the right firmware, hardware, etc.). The ops side with no USB conductivity available unless performed at a special secure station with authentication before going live. In dividing risks, recovery comes into play. What about full network daily back ups to the cloud encrypted to 512 bits or two layer 256? There is the story about why the great grandmother cut off the bone shank on the Christmas Ham. That Recepie was handed down for generations and followed without question. One day a great granddaughter asked, great grandmother, why do “we” cut off the shank? Her reply was, I had a small roasting pan and cut the shank off so it would fit. How often do we accept the past as our only present? Are we trading off security for convince? Think about that eastern gas pipeline shutdown in May 2021 and ask yourself – why were the field controllers connected to an internet connected network to begin with? Build for security as the priority, not solely operational convince. I see this as a fundamental and an important ethical issue. What would Marly Marlinespike say? He says one click to obtain security is one click too many. Think in new dimensions. Think with layered redundancy. Think ethics first. In electrical engineering the question “is it safe” as an ethical and mandatory requirement. What do we need to change? What are your thoughts one Best practices? Security Organizations? Resources?
cybersekkin
June 3, 2021 at 12:53 am
incentivizing hunt the bugs for money, you end up breeding a culture of bugs intentionally being put out so that you can later cash in on closing the bug for a bonus. How about bonuses for running secure systems, with loss of bonuses if the systems do not remain secure.
Jimwi Chen
June 3, 2021 at 5:22 am
Cybersecurity is really important. but for small companies or start-ups, it will cost them a lot of dollars. It is much more expensive than running a company.
Matthew Morycinski
June 6, 2021 at 5:09 am
That’s pushing the blame on individuals. The real problem is with companies. They think cyber security is like a security guard. Management thinks It should be cheap, and never interfere with business. Sorry, but that will not work. Management must begin to realize that by neglecting cybersecurity, they put business continuity at great risk.
Truth In America Trapped Deep State
June 7, 2021 at 12:24 am
So what is really meant by honesty? I have been Cyber harrassed for 3 years now and found out that been secretly monitored through phone as well as other means for more then 5 years. What has been done on this matter. Nothing at all