5 things we learned from cybersecurity trainer and CryptoHarlem’s co-founder Matt Mitchell
While the highly digitized world creates new opportunities, the online space comes with new threats and inherits many often problematic social phenomena. In our latest under CTRL episode, we dived deeper into various forms of online surveillance and how these affect marginalized groups with human rights defender, hacker, and security trainer Matt Mitchell.
Read on for intriguing insights into the digital safety of journalists and what concrete precautions individuals and nonprofits can take to secure their online work and identity.
1. Corporate surveillance is supposed to be threat prevention but often becomes too intrusive
Matt agrees that cyberattacks and insider threats are among the top risks for organizations, which gives them plenty of reasons to use employee-tracking tools. However, the biggest challenge is not crossing the fine line between security precautions and privacy abuse.
Recalling his previous work in corporate surveillance, Matt explains: “It looks like endpoint protection, but it’s really focused on the humans. So, it’s like you'll put something on the machine that will monitor things like the size of the download, the size of the uploads, network activity, every website that's been visited.”
2. Protecting the digital safety of journalists should happen on both an individual and organizational level
Having helped journalists protect their work and communications, Matt can offer some unique insights on why they often neglect online security. “Journalism is a strange animal where the motivation/time is the enemy. (…) There's not a lot of room for things that slow you down, like being private and being safe.”
Still, he believes that security should be handled on an individual and system level alike – at small newspapers and bigger publishing houses. Since, in many cases, malicious actors target the weakest link in an organization instead of the most prestigious reporters.
3. Personalized, lifelike training courses have the biggest impact on educating journalists on digital security
“You need to spend some time getting [the journalists’] trust and understanding their field of expertise. (…) And all your lessons need to be steeped in that language, and that workflow, and those pressures.” Matt designs his courses in line with this educational approach, starting with basic protection tips (like getting a fireproof bag for storing written notes and physical documents) to taking more sophisticated precautions (such as using encrypted note-taking apps).
He emphasizes the importance of mastering tools, such as Signal, and all their functionalities. The learning curve can take up to a year – but in the end, journalists should be capable of encrypting their device to protect it in the event of loss or theft.
4. Tacking back control over their online privacy can be life-changing for marginalized groups
The online space provides a new platform for discrimination and social injustice in the form of online harassment, surveillance etc. Matt regularly observes that scapegoating minorities is a typical human response to unknown and uncontrolled events. Unfortunately, this leads to a greater level of surveillance and privacy abuse in marginalized communities.
CryptoHarlem was born out of this realization, which drove Matt to help black communities live a safer and more private digital life. As Matt puts it: “Privacy is a door so that you can let someone in and invite them into your home.”
5. Cybersecurity is a building block for turning NGOs into resilient organizations
With the Ford Foundation’s BUILD program, Matt and the team support nonprofits worldwide to achieve organizational maturity. Matt believes that building up an organizations’ cybersecurity muscles should start with simple, easy-to-adopt steps like taking out cybersecurity liability insurance or creating a minimum viable security policy.
+ 6. Bonus tips:
If you are in the mood to learn more about cybersecurity, surveillance, and NGOs, check out the following resources Matt recommended:
- Digital Detox Kit – gives concrete suggestions on all things online privacy and security
- The Citizen Lab: Dark Basin – the story of uncovering a world-spanning hack-for-hire operation
- Simone Browne: Dark Matters – a history of surveillance practices targeting black communities
If you’d like to dive deeper into our interview with Matt, you can check out the full episode here: