Posts tagged "information"
Your national security depends on the job you do educating your children.
Here’s an alarming wakeup call: a task force led by former Secretary of State Condoleezza Rice and Joel Klein, former chancellor of New York’s school system has issued a stunning report. They warn that the nation’s security and economic prosperity are at risk if America’s schools don’t improve. The task force consists of 30 members with backgrounds in education and foreign affairs and was organized by the Council on Foreign Relations. As reported by the Associated Press, the report cautions that far too many schools fail to adequately prepare students and that “The dominant power of the 21st century will depend on human capital. The failure to produce that capital will undermine American security.” A shortage of skilled workers is expected to get worse as the current work force retires. The task force said the State Department and U.S. Intelligence agencies face critical shortfalls in the fields of foreign language, science, defense and aerospace. And so, it’s not a stretch to realize that no matter how diligent we are about educating people and businesses to protect their identities and information and to develop safe habits, the problem is ever so much more complex.
In the first part of this article series, we discussed why it is so important to protect your business data, including the first two steps in the protection process. Once you have resolved the underlying human issues behind data theft, the remaining five steps will help you begin protecting the technological weaknesses common to many businesses.
- Start with the humans.
- Immunize against social engineering.
Everybody wants your data. Why? Because it’s profitable, it’s relatively easy to access and the resulting crime is almost impossible to trace. Take, for example, Sony PlayStation Network, Citigroup, Epsilon, RSA, Lockheed and several other businesses that have watched helplessly in the past months as more than 100 million customer records have been breached, ringing up billions in recovery costs and reputation damage. You have so much to lose.
To scammers, your employees’ Facebook profiles are like a user’s manual about how to manipulate their trust and steal your intellectual property. To competitors, your business is one poorly secured smartphone from handing over the recipe to your secret sauce. And to the data spies sitting near you at Starbucks, you are one unencrypted wireless connection away from wishing you had taken the steps in this two-part article.
Just for a minute, put yourself in the shoes of Anthony Weiner. You’ve done something exceptionally stupid, whether it’s sending sexually explicit photos of yourself to strangers you don’t even know, or another unrelated mistake. To compound the stupidity, you involve social networking – you Facebook or tweet or YouTube the act – or even simply email details of what you’ve done.
Everyone of us makes impulsively bad decisions (probably not as bad as Weiner, but bad nonetheless). Prior to the internet, you at least had a chance to recover from your past transgressions, as there wasn’t a readily accessible public record of the act unless you happened to be caught on tape (think Nixon, Rodney King, etc.). But now that pretty much every human carries either a camera or video recorder with them at all times (mobile phones), can communicate instantly with a massive audience (Facebook, Twitter, SMS, blogs), and have access to more information than exists in the Library of Congress just by pulling up Google, the equation of how you control sensitive information about yourself has changed radically. Every stranger (and even friend) is like a full service news station with video, distribution and commentary, just waiting to report on your missteps.
We’ve all done it before – left the table to get a coffee refill or go to the bathroom and left our laptop, iPad, smartphone or purse sitting on the table. We justify it by telling ourselves that we are in a friendly place and will only be gone a second. Our tendency is to blame technology for information theft, but the heart of the problem is almost always a human error, like leaving our devices unattended. Realizing that carelessness is the source of most laptop theft makes it a fairly easy problem to solve.
My office is directly above a Starbucks, so I spend way too much time there. And EVERY time I’m there, I watch someone head off to the restroom (see video) or refill their coffee and leave their laptop, iPad, iPhone, briefcase, purse, client files and just about everything else lying around on their table like a self-service gadget buffet for criminals and opportunists alike.
The Egyptian government has reportedly cut all access to the internet, extending their earlier restrictions on Twitter, Facebook, BlackBerry service and other forms of mass communication. The ban is likely to be in response to the use of social networking sites to organize pro-democracy, anit-Mubarak demonstrations in Egypt and other countries.
Internet access issues in Egypt have coincided with mounting demonstrations in the country, many of which were organized via social-networking sites like Facebook and Twitter. Thousands poured into the streets of Cairo starting Tuesday to protest failing economic policies, government corruption, and to call for an end of the nearly 30-year rule of President Hosni Mubarak. -PC Magazine
Pro-gun lobbyists worry about enforced gun registration because it could possibly give the government a way to confiscate all firearms. That’s child’s play compared to their ability to shut down access to the critical tools we use every day: the internet, email, Facebook, Google, text, cell phones – the information arsenal that we all tend to take for granted. Egypt understand the importance.
If you need a world class example of the adage that INFORMATION IS POWER, look at the recent kerfuffle WikiLeaks has caused. Since threatening to release more than 250,000 U.S. diplomatic cables, WikeLeaks has experience a rash of cyber problems (none attributable to the U.S. Government, but it does make you wonder…):
“The site’s efforts to publish 250,000 diplomatic cables has been hampered by denial-of-service attacks, ejection from its server host and cancellation of its name by its American domain name provider. Each time WikiLeaks has worked out other arrangements to bring the site back online.” – By Charley Keyes and Laurie Ure, CNN
During a recent 60 Minutes interview, I was asked off camera to name the Achilles’ heel of an entire country’s data security perspective; what exactly were the country’s greatest weaknesses. The country happened to be New Zealand, a forward-thinking nation smart enough to take preventative steps to avoid the identity theft problems we face in the States. The question was revealing, as was the metaphor they applied to the discussion.
Achilles, an ancient Greek superhero — half human, half god — was in the business of war. His only human quality (and therefore his only exploitable weakness) was his heel, which when pierced by a Trojan arrow brought Achilles to the ground, defeated. From this Greek myth, the Achilles’ Heel has come to symbolize a deadly weakness in spite of overall strength; a weakness that can potentially lead to downfall. As I formulated my thoughts in regard to New Zealand, I realized that the same weaknesses are almost universal — applying equally well to nations, corporations and individuals.
I became a professional identity theft speaker because my business partner used my identity (and my business’s impeccable 40-year reputation) to embezzle more than a quarter million dollars from our best, most trusting customers. Thanks to drawn-out criminal trials and a seriously impaired lack of attention to my business, I suddenly found myself without a profession.
So I wrote a book about my mistakes, and with a little luck, it led to a speaking career based in first-hand experiences with data theft. The formula works – sharing my failure to protect sensitive information and losing just about everything as a result – my wealth, my business, my job and nearly my family – is a powerful motivator for audiences, both as individuals and professionals. People only understand and act upon the corrosive nature of this crime when they can taste it’s bitterness for themselves. My goal has always been to provide a safe and effective appetizer of data theft that convinces audiences to feed on prevention rather than recovery.