As featured in DisruptiveViews
How important is the security of your data these days? If you take into account the amount of press coverage it is getting, or you ask a major corporation that has had customer or corporate data stolen and exploited, it has become very, very important.
But who is actually responsible for the security of data on the internet, on cloud services or even on personal mobile devices? When something goes wrong fingers are pointed in every direction and there is a wild scramble to either keep a lid on just how critical the leak is, go into denial or open up with the promise of better security moving forward.
None of this is really good enough and customers of online services that are affected – both corporate and consumer – are very concerned and are demanding not only better security of their data but also compensation for the loss of that data.
Smart lawyers are lining up to take advantage by claiming damages from data losses due to lax security. Insurance companies are reviewing their exposure to the risk and corporations are weighing up the potential damage to earnings that any publicized data loss will bring about.
Hackers, too, are not just exposing security flaws to prove how clever they are at ‘Black Hat’ gatherings, many are in it for the money. If the bad guys can’t immediately benefit financially from stolen information such as credit card numbers and bank account access, they will happily sell the information to anyone that wants to buy it.
There is also an element of criminal society that specializes in corporate espionage for the purpose of stealing corporate intellectual property for competitors. And some are happy to simply extort money from their hapless victims.
Fraudsters are also quick to exploit any known flaws in network security, especially those of telecoms operators. Fraud management experts are linking some activity to the funding of terrorist organizations – easily averting anti-money laundering monitors.
And here lies the real concern about data security – it’s all about the money. While telcos agonize on how to monetize data, the hackers and fraudsters are mastering the art!
I’m not suggesting telcos should follow their lead but simply highlighting the emergence of a whole new money chain that is growing and that, until now, has not been given the attention by governments, regulators, service providers and corporations that it deserves. When the financial impact starts being felt in earnest, or national security is threatened, then might we see really serious attention being paid to what will become the single biggest blight on the new digital economy – data security.
And to answer the first question raised on who is ultimately responsible for data security – well, everyone. There are so many opportunities afforded the hackers at every level that only a concerted awareness campaign will highlight just how exposed we all are.
Right from mobile devices and all those free-wheeling apps and their ridiculous terms and conditions that nobody reads; through to the networks and cloud services: to the servers that process and store the data – and everything in between – will need to be part of a concerted ‘security audit.’
Software and even hardware suppliers will be expected to certify the security of their systems. Network operators will be asked to pinpoint the location of hackers, even police them, presuming net neutrality rules are changed to allow it. Consulting and audit firms will morph into security auditors and a whole ecosystem and sub-economy will grow from the fledgling efforts currently being employed.
And in this new world of security paranoia the ones that will be in most demand will probably be the hackers and fraudsters themselves. Will they be tempted to cross from the dark side by the promise of untold wealth just for doing what they do best – only this time for the ‘goodies.’ Time will tell.