We’ve seen movie after movie where criminals pack into a van with ski masks and ram into a bank with weapons. Once they get their hand on the money, the robbers race off with a bit more cash in their pocket.
While old school theft is still an issue, nowadays we have the added pressure of maintaining security in the cyber world. A world where ramifications can be significantly larger than the latest bank heist.
Even in these older days, cyber theft was about credit card information and Lifetime’s latest special on identity theft. Many took a ‘that won’t happen to me’ approach. Well – today this is so far from the truth. Banking and financial firms depend on data. And while it’s all about that data, the recent breaches with a major U.S. financial institution brings to light the scale at which data can be attained and exposed.
In fact as the nation’s top financial executives expressed their concerns about how security risks could impact their companies’ bottom line, a new report by Deloitte shows how important cybersecurity risks really are at the board room level. The report found that CFOs consider cyberattacks one of the most threatening crises to impact organizations’ financial health.
Large ramifications and data exposure have shifted from an ‘oh I better replace my credit’ to real-world exposure. Just ask AshleyMadison.com. After hackers breached AshleyMadison.com, they released lists of registered individuals who had committed infidelities. With more than 40 million users at the time of the data breach, I can’t think of a breach that has made such significant impact in stressing the importance of security.
According to recent articles, hackers dumped 9.7 gigabytes on the Dark Web of AshleyMadison.com users. Files included account details and log-in files for 32 million users of the site. While the cheating site used a secure hashing algorithm, we need to emphasize locking down data – and not just password and billing information. By encrypting with strong access controls, users still have absolute control over who, how, when and where data can be accessed, regardless of where it resides.
On the financial front, last week, news hit that JP Morgan, Goldman Sachs and Morgan Stanley are creating a new entity to consolidate data to determine pricing and transaction costs By storing transactional data of three major financial institutions into one entity, this merger really stresses the importance of locking down data.
Ordinary employees, privileged users and the supply chain – such as contractors and third party service providers – are all conduits for criminals to attain access. As cloud and big data adoption accelerates, these new technologies also bring new risks to organizations with additional administrative roles and potential for infrastructure compromise.
In the past, organizations only encrypted for protection what they were forced to protect by compliance requirements. However, advances in encryption technology mean that it is now faster and easier to secure more data with encryption than ever before. In this day in age, we are putting more and more sensitive information online every day – so organizations, particularly financial organizations are getting their act together with longer term strategies.