Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Data leaks evolving into weapons of business destruction

Maria Korolov | Oct. 4, 2016
Increasingly, attackers are using data leaks to target the companies themselves, going after proprietary or embarrassing information and releasing it in such a way as to do the most harm

We're now in a world without secrets, he said.

"You're just going to have to get prepared for the fact that it's going to happen," he said. "You have to assume that it is going to get out there somehow, either through a hack or through a whistleblower."

Organizations built around transparency will have an advantage on this front, he added.

And everyone needs to be prepared to respond quickly on multiple fronts.

"With social media, these crises get blown up extraordinarily quickly, and it becomes a social storm," he said. "What is your response to a social storm? It's not something you want to be learning about on the fly."

He suggested that companies take a look at their business operations and identify areas where there might be an issue with public perception and be prepared to respond.

For example, he said, a company might be using hazardous chemicals -- but those chemicals also offer significant advantages. "In the event of a crisis, are you prepared to make the argument about the benefits of what you're doing, so that you're engaging in this public policy debate?"

In fact, a company or their employees might be unintended victims in an otherwise unrelated attack.

"One of the things that is a bit concerning and the disclosures that are going through WikiLeaks now is that it's not apparent what the actual immorality or the crime is that warrants the disclosure of every single email," said Mark McArdle, CTO at security firm eSentire.

"There is a collateral damage aspect," he said. "A mom talking about a doctor appointment for a child --- there is no merit in having those types of disclosures."

Elevating security

One positive benefit of all the leaks -- both those aimed at personally identifiable data and at proprietary corporate documents and communications -- is that it has elevated the discussion of security and risk in general.

No longer limited to the IT department, it has become a concern for finance, for sales and marketing, for investor relations, for top executives, and for corporate boards.

"As you see more and more of these types of events come up, and the entire organizations realizes that they need to plan for these types of events, you'll definitely see more and more collaboration," said Jesse McKenna, director of cybersecurity product management at security firm vArmour. "Not just a security response plan, but a coordinated response plan."

And that goes for budgets, as well, he added. "How much are you willing to spend now to prevent a potential catastrophe in the future?"

A leak might cost a CEO their job, or even destroy an entire company.


Previous Page  1  2  3  4  5  6  Next Page 

Sign up for CIO Asia eNewsletters.