Corporate Cyber Security
On many fronts, corporations are our first line of digital defense. Many are active players in monitoring cyber-security incidents. Some are deeply engaged in public-private partnerships like Infraguard, an association of businesses, academic institutions, and state and local law enforcement agencies, and are dedicated to sharing information and intelligence to prevent hostile acts against the United States.
Some industries, like the banking industry, have joined forces to combat cybercrime recognizing they can accomplish far more together than any single entity can on their own.
We need more corporations to recognize their role and increase the protections they have in place. They are entrusted to hold our personal data, financial data, and in some cases even our medical data secure. Corporations run the very infrastructure on which the country and our national security depend. With this in mind, the crumbling economy and the corresponding layoffs, budget cuts, and focus on revenue generation versus infrastructure gives cause for concern.
Fueling these concerns is some newly conducted research by the Lieberman Software Corporation that found:
- Though security threats continue to escalate, cost-savings is the major driver of IT spending: cost-savings initiatives accounted for 53.6 percent of IT spending, protecting information assets from security threats garnered only 15.2 percent among survey respondents.
- 75.9 percent of survey respondents said that the current economy has impacted security concerns at their organizations, and 60.7 percent of respondents work at organizations that have reduced their IT budgets in 2009.
- While most organizations focus almost entirely on external threats, disgruntled employees and former employees pose a very serious risk to security.
This threat has been driven home by the recent series of high profile data breaches at companies like Heartland, Monster, and TJX where with often no more than a single captured password, an unauthorized former or current employee has gained unrestricted access to critical data on every system on the network that used the same credentials. Lieberman states in his findings that "Insider threats are now the root cause of most data breaches, whether by malicious acts or accidents.”
As we move forward in the internet age, the actions of corporations will have increasing impact on the security of us all.