American Consequences - July 2017

FINAL WORD

Businesses are advised to be proactive in their countermeasures. The lifeblood of countless companies is now their data. A couple decades ago, the stereotypical chief information officer (CIO) was a back-office guy with halitosis who wrote Star Trek fan fiction in his free time. Interactions with IT support often involved some disaffected techie telling you to “try restarting your computer” for the 10th time. Now the CIO at any large company is increasingly thrust into the role of a corporate digital-warfare specialist. For tech companies, the title of CIO is close to CEO and CFO on the organizational chart, and their compensation is the envy of most lawyers I know. The guy or gal who can shut down or fix a distributed denial-of-service (DDoS) attack on your company’s website is more valuable with every mass data-breach incident that hits the news cycle. A good IT desk can be worth its weight in gold.

Indeed, on the expert side of the cyber equation, business is booming. Spending in the sector is estimated to be in the hundreds of billions of dollars worldwide. Given that estimated losses caused by data breaches are expected to be around a trillion dollars in 2018, it’s unsurprising to see the shift in corporate culture from cybersecurity as a side project to a major priority. Despite the flood of resources, there is only so much the good guys (“white hat” hackers, in cyber parlance) can do to stop the bad guys (“black hats”).

A big part of the problem is that very few people understand any of this stuff. Your average corporate employee in America is woefully underprepared to function in the hostile cyber world. And it is your employees – flesh-and-blood human beings – who are the biggest liability when it comes to hacking. Many of the worst data breaches in history were not the result of some high-tech evil genius who started hacking the NASA website for fun when he was 12. No, hacking most commonly relies on what is euphemistically called “social engineering” – exploiting the overworked cubicle workers of the world to just click on one dumb thing, one time. It’s much easier to fall prey to this type of “phishing” attack than any of us want to admit. You are no doubt savvy enough to avoid sending your bank routing information and Social Security number via e-mail to a Nigerian prince who wants you to help him spend his fortune. But an official-looking e-mail that says “IRS request for information” or a Facebook message with “you have to see this photo Bob tagged you in” might very well get you to click on just one link.
