CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | November 20159CIOReviewIn Skyfall, Raoul Silva was a formidable opponent because he was a mastermind at using raw government data to plot revenge on MI6. Admittedly, he had access to highly sensitive information such as employee records, safe-houses, structural vulnerabilities, etc. (it has to be somewhat challenging for 007, after all), but the way he was able to translate that data into a cohesive plan of action is what was interesting and scary at the same time. These are the skills that 21st century hackers need to have in order to make a hack worthwhile, but data analysis isn't typically on a hacker's resume.When a hacker finally gains access to a compromised system, there isn't a yellow brick road that says "click here for financial information" or "employee records this way!" Although hackers have a strong background in security and computer languages, not many know how to untangle a web of data and reorganize it. You've read about numerous security breaches on a range of companies, but how many times have you read about what hackers did with the information after the fact? I've never actually seen one. That is not to say that compromised data has never been used for nefarious purposes; I am just not convinced that it is widespread or that anyone has truly found a way to make tactical use of the information.Myth 3: Security Breaches are Malicious in NatureThe term "security breach" usually comes with a negative connotation, which is understandable, since I've never known the word "breach" to ever be used in a positive sense. However, I don't believe that it's the intention of most hackers to cause digital mayhem. As I stated earlier, hackers consider themselves to be elitists and just perform security breaches to prove they can be done. A recent Buzzfeed article notes that hackers want more credit and benefits for helping companies find vulnerabilities within their systems as opposed to wanting to sell the information on the black market. For example, one hacker found malware in Android's system that could have affected more than 95 percent of phones on the market, but the discovery was reported to Google and not sold on the black market. Imagine what someone could have done with this information had it fallen into the wrong hands?We are still in the early stages of cyber security, which is a good thing when you consider that data is still only data to most hackers. There is a steep learning curve that most hackers haven't conquered yet. For companies to properly address cyber-security, it's important to take a proactive approach and even get ahead of the curve. Companies with knowledgeable experts, a sound security strategy and a tightly run program fare the best and often have people that know more than hackers. Furthermore, executives need to get in the security game. They need to learn the lingo, get to know their security technicians and play an active role in the effort to keep corporate information safeguarded--not only for the company, but for employees as well. And perhaps most obvious--companies need to get in the habit of destroying records that are not critical to keep for the long term; just because there is the endless bandwidth and storage to house digital information, doesn't mean you should keep it. Just like James Bond will always have a villain to conquer, we will always be faced with hackers who are up to no good. But remember, there are lots of do-gooders out there. They far outnumber the bad guys and are usually smarter, too. The reality won't make for a good James Bond film, but when it comes to cyber security, the less drama the better. For companies to properly address cyber-security, it's important to take a proactive approach and even get ahead of the curve
< Page 8 | Page 10 >