CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | November 20158CIOReviewIopinionin my"Corporate Considerations: Dispelling the Myths of Cyber Security"By Neil Jarvis, CIO, Fujitsu America, Inc.n the blockbuster hit, "Skyfall," James Bond's mission is to find and stop Raoul Silva, a former British agent who felt betrayed by "M" and his government. As it goes, he decides to take revenge by stealing critical information that could bring down MI6 and the world at large. Naturally, there were shaken martinis, explosions, shootouts and hand-to-hand combat, but the primary threat was not a physical one but rather a digital one; critical information stored on computer drives and servers that had the potential to usher in a world of chaos.The movie is classically Bond with its over-the-top storyline and risk of worldwide destruction. And while there are some similarities to the real world, I must admit that the reality of cyber-attacks is far less sensational and doesn't have quite the glamour of a typical Hollywood blockbuster. To be sure, cyber security is an important issue that the world at large is dealing with today, where every day we hear of a new company that experiences a security or information breach. But the fact is, cyber security is a broad and often misunderstood topic, and there a few myths that are worth dispelling. Myth 1: All hackers are looking to steal your identityTake a second and think about how much of your life is stored digitally. If you really took the time to take stock of all your sensitive personal information, I would venture a guess that more than 90 percent of it is stored online. This isn't a bad thing--it's a convenient timesaver that makes life easier. Are there people out there looking to steal this information? Sure, but consider this: most hackers see themselves as intellectual elitists--people who would not waste their time stealing an individual's identity when they can achieve far greater fame by gaining access to large, complex systems at well-known targets. In this regard, corporate information is a highly sought after commodity, as it gives a hacker credibility and notoriety within their community and it can be financially beneficial in the long run; higher risk for higher reward. Let's imagine that a hacker gains access to a discount retailer's network by creating a backdoor on a compromised system and successfully installs malware to steal sensitive company information. Let's now assume that this information was sold to an unscrupulous competitor seeking the inside scoop on internal business processes, customer information or sales data--information that would give them a competitive advantage and bolster their bottom line. In this sense, you can see why a hacker would target corporate information vs. personal information. However, data by itself isn't everything it's cracked up to be as we see in the next myth.Myth 2: Data is ValuableOne of the major misconceptions that people have of security breaches is that data is inherently valuable. The truth is, when a hacker gains access to a network, they target data with the hope that disparate items can be somehow organized to create meaningful, usable information. Data is just data; unless a hacker knows enough to make sense of it all, he or she is going to have a difficult time generating any insights from it. Neil Jarvis
< Page 7 | Page 9 >