At the beginning of this year, various industry pundits (myself included) predicted escalating threat levels from cybersecurity breaches as increasingly sophisticated hackers and cybercriminals went after big-name companies and government institutions. Given the events of the past few months, I have to say that, unfortunately, the pundits were right.
Improving market conditions have accelerated the adoption of mobile technologies, social media, cloud computing and, of course, e-commerce. All of those present juicy new opportunities for the Black Hats of the world to roll up their sleeves and work on their phishing schemes, social engineering attacks, smartphone viruses and all manner of cyber sabotage.
In just the first six months of this year, leading organizations such as Sony, RSA, NASA, PBS, the International Monetary Fund, Citigroup, Lockheed Martin and, most recently, The Washington Post and Apple reported security breaches.
The Pentagon has concluded that computer sabotage by another country could constitute an act of war, and President Obama calls the growing number of network cyberattacks “one of the most serious economic and national security threats our nation faces.”
So when a hacker group like Lulz Security (the Sony and PBS attackers) pops up to deface an FBI affiliate website, harvest passwords and threaten NATO as its next victim, what are we to do? How do we stay prepared for the LulzSec copycats who will inevitably follow?
In a recent CIO roundtable, every executive present said that as mobile and digital strategies become essential to their business, cybersecurity has become a top concern for their company boards and CEOs.
And consider this: When Sony announced its fiscal 2010 financial results, it posted a loss of $208 million in operating income due to the Japanese earthquake and tsunami, one of the worst natural disasters in our lifetimes. Yet Sony also lost $171 million as a result of its Playstation Network security breach. Pretty scary how similar those amounts are.
There are no easy solutions to any of this, but taking proactive protective steps is clearly essential to the safety of your enterprise. “Analyze your defenses,” the experts advise, and pay serious attention to covering the security basics.
Let’s hope that next year, the pundits will get this one wrong.
Michael Friedenberg, President and CEO