Happy Safer Internet Day to all those who celebrate (which should be us all, everyday)!
Safer Internet Day, a European Union initiative, launched on 5th February 2004, aiming to promote safer and more responsible online behaviour, particularly among young people. Since 2004, the awareness day has grown to be celebrated in over 100 countries. The day raises awareness of online risks like cyberbullying, harassment, and exposure to harmful content, offering a chance for everyone to learn about the latest online safety tools and strategies for children.
Our Gurus asked experts from across the industry to provide comment on the threats facing both consumers and organisations, as well as what people can do to protect themselves online.
Darren Guccione, CEO and Co-Founder at Keeper Security:
“As cyber threats become more frequent and sophisticated, proactive security measures are essential to staying ahead of attackers. Safer Internet Day is a crucial reminder for organisations to implement a layered security strategy that includes Privileged Access Management (PAM), advanced threat detection and flexible, secure authentication methods.
“According to recent research, 80% of organisations are already using or planning to adopt passkeys – reflecting a growing shift toward passwordless authentication. Passkeys and other passwordless solutions enhance security by reducing reliance on traditional passwords, which remain prime targets for phishing and credential-based attacks. In fact, 67% of IT leaders report that their companies struggle to combat phishing, highlighting the need for stronger authentication measures. As passkey adoption accelerates, organisations must deploy PAM solutions capable of securing all credentials – whether passwords, passkeys or secrets – within a zero-trust and zero-knowledge framework.
“This Safer Internet Day, prioritise security and usability by integrating modern authentication solutions while maintaining strong password hygiene. A layered approach remains the key to protecting sensitive data and identities.”
Thomas Richards, principal consultant at Black Duck:
“Scammers and malicious actors will continue to find creative and deceptive ways to achieve their goals. We’re already seeing AI’s impact by malicious actors utilising it to craft new software and convincing social engineering ruses. Governments can use their regulatory power to enable the internet industry to find ways to combat and prevent these attacks. There will always be the cat-and-mouse game with cybercriminals, but larger internet providers should put a strong effort into ensuring their users are safe. Wide-reaching campaigns usually have a signature or style that can be identified and stopped before damage can be done. Practicing good digital hygiene continues to be the best way to prevent your account from being compromised: keep your software up to date, use long and complex passwords, and enable MFA whenever possible.”
Boris Cipot, senior security engineer at Black Duck:
“We can already see how the usage of AI has helped to make online threats more sophisticated and harder to detect. We have chatbots that impersonate customer service, audio, and video scams with so-called DeepFake that “ab”-use the AI deep learning capabilities and, in the end, the most prevalent of them all – the phishing campaigns that have become really hard to detect as AI is makes phishing texts, design and also wording believable.
“There must be a mixture of regulations and proactive measures that can only be achieved with a tight collaboration between the government and the software/internet industry. The word collaboration is, however, the most crucial part of the whole sentence, as just making stricter regulations will incapacitate the industry from evolving, but too loose regulations will bring high risks to internet/software users. There must be an understanding of what is regarded as a user-safe service. How AI can be used and what AI should not be able to do – at least publicly. Better tools for fraud detection must be implemented on online platforms, and most importantly, education and awareness must be part of device/software/internet usage. Platforms / online services must offer strong verification systems and scam detection tools to protect users. The use of AI today is no longer avoidable. A straightforward way to report possible scams is necessary to improve the online scams market.
“The biggest challenge for young people, or anyone active online, is to be cautious about sophisticated risks. Attackers often target older people using devices to be present online but lack the technical knowledge to be suspicious about fake communication. Here, the biggest giveaway is offers or ads that are “too good to be true,” urgent messages, requests for personal information through phone or email, and news reports with fake videos, pictures, and texts generated by AI and then used to collect money. These are some examples of known, misleading scams on the market today, but as the usability of AI tools grows, so does the ingenuity of scammers; therefore, the best advice is to always think twice before you act.”
Dray Agha, Senior Manager of Security Operations at Huntress:
“In today’s world, the average person has countless priorities, and online security often isn’t one of them. While cybersecurity experts can easily spot a scam, a busy individual may not immediately recognise the risks of a suspicious link or phone call. Younger generations are often highly tech-savvy but lack awareness of the long-term consequences of their online actions. This gap in understanding makes people more vulnerable to cyber threats, reinforcing the need for simple, effective education on digital security.
“Many people don’t think about how their devices communicate with them and the outside world. If a gadget can share information or receive messages, whether it’s a smart TV, a gaming console, or a video-enabled device, then it needs securing. Unlike a car warning light that signals when an oil change is due, these devices rarely remind users to update security settings. People prioritise convenience, and steps like enabling multi-factor authentication (MFA) or updating passwords can feel like a hassle. Even managed service providers (MSPs) hesitate to enforce strict security measures for fear of frustrating their customers, leaving many devices exposed.
“Simple security steps can significantly reduce risk. MFA, for example, is like checking through a peephole before opening your front door, it ensures that only the right person is gaining access. Public WiFi is another common risk; connecting to an airport or café network doesn’t guarantee an immediate hack, but it does increase exposure. If possible, using mobile data is a safer alternative. The same vigilance should be applied to password management. Reusing passwords across multiple accounts is risky, and a password manager can help maintain security. With legislation often favouring large companies over individuals, taking extra precautions is always wise.
“Staying secure online is an ongoing process, much like adapting to new road rules or safety advice. Apps and threats constantly evolve, so it’s crucial to educate ourselves and others, especially young people, who often find ways around security controls. Teaching them about the impact of their online actions such as the financial risks in gaming can prevent future issues. Small daily habits, like avoiding unknown QR codes, enabling auto-updates, and regularly restarting devices, can enhance security. If in doubt, a quick online search can provide reliable guidance. After all, no one builds IKEA furniture without a manual. Cybersecurity doesn’t have to mean expensive solutions; sometimes, it’s as simple as making smarter choices every day.”
