You may have heard that some cyber criminals in Russia recently stole more than a billion user IDs and passwords — yes, that's billion with a "B."
In the past year, online security and data theft has been making international headlines, as evidenced by huge security breaches at retailers like Target and Neiman Marcus.
How bad is it? With our lives becoming more digitally entwined, it makes sense that potential security threats are more visible. Think about how many times a day you exchange digital information using either an Internet connection or a mobile device.
Despite the security hysteria, experts say there are simple ways to take steps to tighten up your Internet security — whether for your own personal or business use. CMSWire reached out to a collection of Internet security experts to find what's going on.
Is Internet security a growing security concern given recent massive data breaches?
Kate Westmoreland, lawyer and Fellow, Center for Internet and Society, Stanford University
Westmoreland is a lawyer and policy advisor with over eight years experience advising government and the United Nations on law enforcement cooperation, cybercrime and human rights. She is an expert in the domestic and international aspects of international legal cooperation, having negotiated treaties on extradition and mutual legal assistance as well as advising the Australian Federal Government on cybercrime policy. Tweet to Kate Westmoreland.
Internet security has been a real concern for many years. However, for too long, questions of internet security were only being taken seriously by small numbers of technical, legal and policy nerds.
The last year has seen the general public finally take an interest in these issues and realize that there are significant questions that need to be debated. The challenge now for developers, civil society, and concerned individuals is how to harness this attention and ensure that we use the momentum to drive meaningful change.
Marc Gaffan, Co–Founder and Chief Business Officer at Incapsula
Before founding Incapsula, Gaffan was Director of Product Marketing at RSA, EMC's security division, where he was responsible for strategy and activities of a $500 million IT security product portfolio. Before that, Gaffan was the Director of Marketing for the Consumer Solutions Business Unit at RSA. While at RSA, he appeared before the US Congress, FDIC and Federal Trade Commission on cyber security and identity theft topics. Tweet to Marc Gaffan.
As the Internet becomes an integral part of our everyday lives and the “Internet of things” is promising to interconnect everything with an electronic pulse, security concerns are on the rise.
Prior to “everything being connected,” crime was a lot harder to commit. In order to rob a bank, you needed to physically go to the bank, or in order to steal personal and business records, you had to break into an office and to scam people into giving you money, you had to get on the street and put on a credible act. Today, all that can be done from any country in the world, while sitting at home in your pajamas.
While the early adopters, which include the entrepreneurs but also the criminals, are finding new ways to drive their respective business, the moms and pops of the world have still not internalized the risks. This expands further with larger (and often slower to adapt) organizations, such as government agencies, that need to adopt the required measures to adequately address the risks at hand. Furthermore, in the electronic age, everything can end up “on the record” and will remain that way forever, increasing the “time window to steal the information” and significantly increasing the risk of compromise. It is a hard enough task protecting some of the data, some of the time, but protecting all of the data, all of the time is essentially “mission impossible”.
While organizations still need to step up and apply more security measures in place, they also need to assume that they are going to get compromised. These organization should therefore also focus on “breach identification and containment” and not only “breach prevention.” As one CISO put it, “I am assuming that someone will get in. It’s my job to ensure that they can’t get out or that they can’t take anything with them, on the way out.”
Kevin Breaver, Founder, Principal Information Security Consultant, Principle Logic
- Endangered Species: The Corporate Intranet
- Think Digital Marketing Technology: Think ... Microsoft?
- Multitasking? You're Killing Yourself for Nothing
- Forget Intranets, Give Me an ESN
- Microsoft's New BI Tool Plays Nice, Even With 3rd Party Vendors
- Are These Vendors the Best at Social Media Monitoring?
- Will Office 365 Destroy Consulting?