With the start of a new year several items have emerged as being worth keeping an eye on. I always turn my eye to Kroll, who have consistently had their finger on the pulse in the corporate world. The report this year seems rather ominous, and focuses on what companies may have overlooked that could prove rather costly.
For example, if you happen to own a small business, running everything on a laptop computer, chances are very good that you would be hard pressed just to tell everybody that their information had been lost. With larger companies, IT experts that respond to the breach could destroy evidence of how it happened in the process of fixing it. Yeah, they have ways to do it without destroying that data, giving forensic information to the digital police.
Probably a good idea to keep that intact. Check.
The term Vampire Data showed up in the report. I grinned, remembering the Buffy meets Edward meme someone posted on my wall the other day. Kroll goes on – "organizations can be bitten by the data they never knew they had."
*smirk* (Alright, I get it – kinda funny, right?)
What they're talking about is data that "just doesn't seem to die..." They mention things like magnetic tapes that are decades old; they should have been destroyed and long time ago, but are still in a box in the back of someone's car, things like that. They talk about employee practices, storing information for personal use or reference during the performance of their regular job in a manner that leaves your company open to a data breach that simply should not have happened. That's their words, not mine.
The vampire data title was probably meant to soften the blow by giving you smile first. The true reality that Kroll is foreseeing is an increase in what they described as cyber terroristic attacks and warfare.
They have a rapidly evolving ideology and agenda-namely, they are coming to destroy to a secure network, they erase pertinent data, wreake havoc with physical equipment, and ultimately take your company down.
They mention broad stroke details of just such attacks in 2012. Chunks of digital identities were lost throughout entire networks. It sounds almost like bad science fiction, but such is the world we now live in. The proof is in the reaction of the corporate world, which generally has been one of great concern. Security companies and Federal agencies get involved. Although studies have shown that doesn't drop as dramatically as some had predicted, public perception drops. But the data has value of its own, and companies are hard pressed to maintain it.
One trend that seems to be continuing throughout the decades is for leaders to adopt business practices that address such issues before required to do so by law. Given the common sense nature of these recommendations, it can only be a matter of time before some legislation crosses the table addressing these and other issues related to digital privacy.
Companies in 2013 will want to have a good inventory of what data they have on hand, as well as the privacy policies they use to protect that information. FACTA requires somebody in your company who is responsible for Data Security, and trained in information security. For the home based business, this is usually you, or your wife. (If you're reading this, it's you.)
The concern has become so serious that Forbes warned retailers that "Cyber Insurance Policies" may not cover as much as the retailer thinks it does. This is the corporate echo of the same misinformation we have in our daily lives. Perhaps now, since we must deal with it in the corporate world, we will begin to be more aware of when we ask people for their information, as well as who we give ours to, and the sorts of questions we will ask surrounding the transaction.
For the most part, the story seems to be that cyber attacks are evolving into something more malicious, more personal, and more targeted. In fact, there is a great story pointing to the fact that the affluent are becoming more popular targets for identity theft; but perhaps that is the story for another day.