5 Cybersecurity Lessons I Learned From ‘Hamilton: The Musical’

Reading Time: 6 minutes

cybersecurity hamilton

The other day, I was skimming my LinkedIn and came across a post about how changing corporate culture isn’t the answer to cybersecurity. In response, I used a Hamilton quote. Because, of course. What Hamilfan doesn’t make constant references everywhere?

As a parent who works in cyber, I’m painfully aware that teachers don’t have the resources or access to the skills they need to teach our children how to protect themselves. I’m also painfully aware that the same is true for most parents. I’m also painfully aware that I was that parent only a few years ago. But, as our kids increasingly need to use technology in school and at home, we have a responsibility to protect them. If you really want to freak yourself out (or just learn about some of the cybersecurity problems with schools), one of my clients released a whole analysis about the data school’s collect and education’s cybersecurity problems.

So, here are the five cybersecurity lessons I learned from Hamilton: The Musical to help my Hamfam raise cyber aware kiddos.

Lesson 1: You Can’t Wait for It

Wait for it, wait for it
I am the one thing in life I can control

That’s right. We’re the one thing in life we can control. I was an early internet adopter. (Shout out to all my AOL chatroom peeps from the early-’90s!) I was going on dates with people I met online in college. (Yeah, suck it, people who said going on dates like that was so horrible… I’ll see your Match.com and raise you a Tinder.) If I’ve learned one thing as an early adopter, it’s that tech isn’t going anywhere.

In cyber language, we don’t stand a chance against hackers. Except, and here’s the kicker, we can control ourselves even if we can’t control the actions of others. Burr’s inaction ultimately led to his downfall. He waited for it, but when he finally chose to act, he ruined his whole life. (Burr’s history after the duel is pretty sad. The duel destroyed his reputation, and his power hunger led him to try to create his own semi-empire, which failed. Then he moved to England, only to return to the US where he re-started his law business but never recovered his reputation.)

In other words, you can choose the option a lot of people take—to wait for it and ignore the importance of cybersecurity. However, if you’re proactive rather than reactive, you can protect your identity, your kids’ identities, and your finances.

Lesson 2: You Are Already in the Room Where It Happens

When you got skin in the game, you stay in the game
But you don’t get a win unless you play in the game
Oh, you get love for it, you get hate for it
You get nothing if you
Wait for it, wait for it
If you want to be in the room where it happens, you don’t need to be in the same physical location as a hacker. If they can reach into your devices, then you’re already with them. I know, it’s all sorts of creepy, but it’s true.
You’re living with devices every day, and you’ve got to recognize that you have skin in the game.  If you think about all the information about yourself that you share every day, you’ll probably start to freak out. I don’t want to freak you out, but I’m about to. Do you have a smartwatch? What about Bluetooth headphones? Do you use applications to check your bank account, medical information, or health insurance? All of these are places where hackers can gain entrance to your information.
Bluetooth connections are insanely insecure. They use short-range communications, similar to old-school walkie-talkies, that hackers know how to intercept. So, imagine you’re at the mall or in a restaurant, a hacker can just hang out in a public place and basically play a digital game of Keep Away, where two kids throw a ball to one another and a third kid in the middle has to try to catch it. Your devices are the two kids on either end, while the hacker is the kid in the middle. Aptly named “Man-in-the-Middle” (MitM) attacks, these are the most common ways that Bluetooth devices get hacked.
If that doesn’t sound frightening enough, more doctors and hospitals are using technology that allows them to monitor your health remotely. Pacemakers are smart-devices. Sleep apnea machines send information to your doctor’s office. Hospitals use smart devices to deliver medications.
And hackers can gain access to any of these if they so choose.

Lesson 3: Never Be Satisfied

HAMILTON:
You strike me as a woman who has never been satisfied.
ANGELICA:
I’m sure I don’t know what you mean. You forget yourself.
HAMILTON:
You’re like me. I’m never satisfied.
ANGELICA:
Is that right?
HAMILTON:
I have never been satisfied.
The first rule of cyber club… is to talk about cyber club. Never be satisfied. To be smart and protect your family, you need to be asking more questions before buying that smartwatch or letting a doctor plop something in your body that you don’t fully understand.
Asking questions isn’t easy when you don’t know what questions to ask. However, you should always be satisfied in responses to the following:
  • Does the device have at-rest and in-transit encryption?
    • In other words, does it mess with the information to make it impossible for someone to read if they manage to get it?
  • Is this the most recent Bluetooth version available?
    • Although cybersecurity professionals are trying to create a standard, nothing official exists yet. As of this writing, SE Secure Connection is the most recent and is what you should look for on a product’s box.
  • Are you only collecting the minimum amount of information necessary?
    • If a product or app is collecting more information than they need, then you don’t want to use them. This means, especially for medical devices, you should make sure they are only collecting what they absolutely need. This means looking at whether they need a name or can use a unique, anonymous ID, whether they’re collecting location information, and whether they link your name/social security number/bank account information in a way that makes it clear who you are. If they’re collecting this information and don’t give you a satisfying response as to their reasoning, don’t use it.

Lesson 4: Be a New (Wo)Man

(Scammin’) for every book he can get his hands on
(Plannin’) for the future, see him now as he stands on (oooh)
The bow of a ship headed for a new land
In New York, you can be a new man

Technology is a new land. In fact, data is often referred to as a “landscape,” “environment,” or “ecosystem.” In other words, we’re standing on the edge of a new future for which we need to plan.

That means we have to scam books and read. In reality, data security doesn’t need to be confusing, and, often, it isn’t.

Sure, some of it is super technical. If you made it this far in this post, you know more than about 80% of the rest of the world. But finding the right resources that make it manageable is hard. In part, that’s why I’m writing this post. I’ve learned a lot in the last few years, and realize that it’s not always easy to find information that makes sense to the non-coding person.

With the rise of the internet, we have more access to information than we did before. Yet, finding good, accessible information is often difficult. If you’re looking for a good starting place, I’d suggest following some of these ladies in cyber on Twitter:

Eleanor Dalloway

Wendy Nather

Paula Picard

Jovi Umawing

Leslie Carhart

Or you can read some of these websites:

InfoSecSherpa’s Newsletter Nuzzel

The Register Security Section

Lesson 5: You’re Not Helpless

Look into your eyes, and the sky’s the limit I’m helpless!
Down for the count, and I’m drownin’ in ‘em.

Throughout most of the musical, we’re all led to believe that Eliza was an intellectual second to her protagonist husband. However, if you think about things a bit, Eliza was a pretty darn intelligent lady who went on to accomplish some pretty amazing things. Sure, the final song details them. However, if we think about it, history shows a different story.

Historians explain that Alexander highly valued her intelligence, and she likely transcribed some of the Federalist Papers for him. She was a single mother after he died, never remarrying. She went on to fundraise, started two orphanages (DC and New York), petitioned for his army pension, and spent 50 years collecting his writing for publication. She was, truthfully, anything but helpless.

In other words, you need to be a Cyber-Eliza. Even if you’re insecure about your cybersecurity knowledge (see what I did there?), you’re not helpless. Tools exist to help you. You just need to reach out and find them.

  • Invest in a VPN.
  • Always update all your laptops, smartphones, tablets, desktops, and gaming systems as soon as possible. (Yes, it takes time, but it’s super important because hackers use those known weaknesses that the updates are trying to fix to get your data.)
  • Install anti-malware and anti-ransomware software.
  • Run scans regularly, and if you miss one, run it in the background while you’re using your computer.
  • NEVER ever click on a link in an email. Nope. Never. Not even that one.
  • Never click on a link in a direct message or text.
  • Never respond to emails, texts, or direct messages if they don’t look right because it just lets someone know they hit a real address. (Half the time, hackers are just guessing at stuff and hoping to catch a real address.)
  • Delete apps you’re not using regularly and redownload them if you need them later.
  • Make passphrases personal, since randomly generated ones use the same type of math that hackers use.
  • Always use different passwords for things and find a password manager application to help store them.
  • Don’t use public Wi-Fi if you’re not using a bunch of other protections (see above suggestions).

If You Don’t Know, Now You Know

As parents, we teach our kids “stranger danger.” We understand the visible stranger dangers—white vans with creepy guys handing out candy or that weird looking profile on social media.

It’s the invisible threats that we need to start working on teaching them. It’s 100% ok not to know things at first. I started there. However, it’s not ok to pretend these threats don’t exist. They do.

Advertisements
Liked it? Take a second to support Karen Walsh on Patreon!
If you enjoy this content, please support the GeekFamily Network on Patreon!