Title:Staying safe: cybersecurity in modern museums
Authors:Wendy Pryor
Publication:MW17: Museums and the Web 2017

Museums are in the thick of data security: selling tickets and products online, collecting and updating members’ details, sending e-newsletters, recording donations, granting staff access to collection cataloging software, or negotiating agreements with commercial partners. A basic understanding of cyber threats, with a toolkit to combat them, is critical for maintaining cybersecurity.

Cybersecurity refers to preventative methods used to protect the confidentiality, integrity, and availability of data. Part one of our paper describes threats and approaches to protecting information, intellectual property, and the computer network itself from external, internal, and hidden cyber threats. An effective cybersecurity approach should include network firewalls and gateways, anti-malware, user access management and authentication controls, backup management, business continuity and disaster recovery planning, patch management, and software updates. These will be bolstered by staff education. Supported by your executive, the cybersecurity strategy will align with your museum’s business goals and risk appetite.

Part two focusses on cryptography (writing and solving codes) to emphasize that information security is a perennial problem. Historically, the potential rewards for breaking codes and deciphering messages are obvious: outsmarting enemies, exposing diplomatic secrets, or unravelling plots. Four examples (Ceasar Cipher, Mary Queen of Scots Cipher, Polybius Square Cipher, Enigma machine) demonstrate the escalating complexity of cryptography since classical times. Modern cryptography exists at the intersection of mathematics, computer science, and electrical engineering. Current applications of cryptography include ATM cards, computer passwords, electronic commerce, digital rights management and copyright—all of which are relevant to museums.