Security Expert Interview Series: Schneider Bettina
We are delighted to present an exclusive interview with Schneider Bettina. She is currently holding the position of Senior Lecturer and Researcher at the University of Applied Sciences and Arts Northwestern Switzerland. In this interview, you will see some of Bettina’s research findings on Human-centered Artificial Intelligence and other insights, which we believe you will find valuable.
1. Can you give us an introduction about yourself, Bettina? Your journey and how you ventured into the cyber security world?
I am a person who is very enthusiastic about learning through and through. When I was faced with the big question of choosing a career path after graduating from school in 2002, I learned that I wanted to be part of the digitalization that was already on the rise; hence I studied business informatics. For more than 10 years, I then worked as a global IT project manager in the pharmaceutical industry. Ensuring traceability, credibility and legal compliance of data and data processing was always important in this field. In 2016, I took a position as a lecturer at FHNW. That was the year, in which the EU GDPR had just been introduced. This gave the data protection issue a big push, which sparked my interest. Since data protection and security are closely connected, I joined the newly founded Competence Center “Cybersecurity and Resilience” at the School of Business at FHNW. Since then, I am focusing on data privacy, cybersecurity awareness but also new technologies such as blockchain.
2. What motivates you to keep pushing ahead every day in the security field?
I have two interrelated motivations: first, I see an immense need among small companies with limited resources. I would therefore like to use my work to help this group protect themselves effectively against cyber- and security-related risks. Secondly, I also want to help raise awareness of cyber threats and privacy risks in society. I am convinced that there is great potential in pushing towards digital sovereignty.
3. Could you please tell us what the most important cyber security lesson was you learned in 2020?
In June 2020, the EU project GEIGER started, which is co-led by my team. The project aims to support the cybersecurity and privacy of small businesses through a digital GEIGER counter (analogous to the measurement of radiation). The first months of the project have made it clear to me once again how important it is not to simply develop a technical security tool – by experts for experts – but to involve the end-users right from the start and to establish a channel to the users. That’s why I’m proud that a central component of our project is a learning ecosystem in which we plan to build-up a security-interested community of predominantly laypeople. For example, we enable experiencing the dangers in cyberspace on a very low-threshold by means of a so-called ‘Cybersecurity Escape Room’ as part of the GEIGER learning experience.
4. Now let’s talk a bit about data breaches. Are data breaches unavoidable? If yes, is there a right and a wrong way to deal with them when they do occur?
In my opinion, many data breaches could be avoided if the data protection principles – namely privacy by design and data minimization – were implemented consistently and from the very beginning. Another important pillar for avoiding data breaches is the training and awareness of employees and related stakeholders, e.g., suppliers.
However, mistakes are simply part of life, so there will always be a certain number of incidents. When a data breach has occurred, one of the first measures should be to clarify data privacy. This includes, for example, assessing the situation, reporting the breach, taking immediate countermeasures and, of course, communicating transparently to the individuals/customers/suppliers affected by the incident.
5. We are truly impressed by the breadth of your publications, one of which is titled “Human-centered Artificial Intelligence: A Multidimensional Approach Towards Real World Evidence” (2019). What does this research precisely entail and what have been the essential findings?
The research indicates the significance of a human-centered perspective in the analysis and interpretation of data from the real world for measuring the effectiveness of new medical treatments. As an exemplary use-case, the construct of perceived ‘Health-related Quality of Life’ was chosen to show, firstly, the significance of Real-World Data (RWD) and, secondly, the associated Real World Evidence (RWE). The essential findings were twofold: firstly, we categorized the major challenges associated with the use of RWD – compliance, registration and business model risks. Secondly, we postulated that approaches focusing on the analysis of RWD and associated RWE need to incorporate the strengths of artificial and human intelligence ‘by design’. In short, our suggested multi-dimensional approach is based on three layers; the first is ‘elementary evidence’, the second ‘algorithmic evidence’ and the third ‘human-centered evidence’ with an Artificial Intelligence (AI) indicator set evaluated with ‘systems dynamics’ – a method which will become increasingly important in the future in order to understand complex interrelationships and to be able to develop solutions.
6. Your other publication is called “Blockchain Technologies Towards Data Privacy – Hyperledger Sawtooth as Unit of Analysis” (2020). According to you, what makes blockchain the most exciting technology today? Are there any other technologies you are currently following?
Our world is facing major challenges that require companies to work together across consortia to find solutions. One example is transparency in supply chains. Consumers want to know under what conditions goods are manufactured, transported, and traded. For such issues, I see immense potential in blockchain as the underlying technology. In addition, the Internet of Things and AI are technologies that are on my radar.
7. What do you see the year 2021 holding for blockchain projects?
This year, our team is working on a very innovative project on blockchain-based whistleblowing; we have named the project ‘integrity@inside’ to emphasize the importance of internal transparency and fairness. Furthermore, I hope to see more projects on blockchain-based identity data management; from my point of view, this could be a promising approach towards a self-sovereign digital society.
8. What is your smartest productivity hack?
There are certainly many possible answers here. I had the impression that in times of continuous home office it was more difficult to separate myself from work, because the laptop is only a few meters away from me. In the long run, this drains my own creativity. The following helped me: At noon, I had a fixed appointment to go out, to walk or thanks to the snowy winter to do some cross-country skiing. Listen to a good, inspiring podcast and the ideas come all by themselves.
9. Lastly, for the people who want to delve into cybersecurity research, where should they start?
To keep myself up to date, I regularly visit the pages of the Swiss National Cybersecurity Center and the Federal Data Protection and Information Commissioner Edoeb. Also, I am a member of the association ‘Digitale Gesellschaft’, who offer a great variety of events. For people that like to exchange with other practitioners, I organize every year in spring the ‘Trinational Cybersecurity Days’ (www.tri-csd.ch) at FHNW. This is an exchange platform for non-experts, and this year we focus on small businesses.
Click here to learn more about the Swiss Cyber Institute’s approach towards improving the digital safety and security of society and economy through education and weekly blog posts. Do you think you are a good fit to participate in our Security Expert Interview Series? Reach out to us for more information.