By Tanu Sood on Apr 26, 2013
Author: Ricardo Diaz
Vast majority of global cyber-espionage emanates from China, report finds -Washington Post April 2013.
The economic threat of cyber crime is serious, has and will impact our daily lives and unfortunately been a threat most businesses haven't taken serious for decades. Rather, for decades, we have mis-directed our efforts to focus elsewhere as opposed to what really needs to be protected - our data or intellectual property. Economic Espionage is a threat you, your business and organizations you do business with should take a long, hard look at before your next security investment.
Mis-directed? You know what I am talking about. Consider what we think about the "real threat" of cyber crime. Some punk teenage hacker, hyped up on Redbull and Pixie Sticks, whose sole focus is to create havoc by breaking into your home PC or defacing your corporate website before he runs off to his next all night rave. This is the common portrayal of threat that we come across on media. Unfortunately this highlights a common misconception that most security threats are carried out to either hack your wallet or hack some government facility to crack into a top secret military facility.
Why would a major World Power be interested in our corporate data? Simple... It's the power of economics and competitive advantage! The economic impact of losing corporate intellectual property to a competitor, most business executives understand. What they don't understand is where is the threat coming from, if this ever happens to them and how common economic espionage attacks happen frequently and not from traditional places or people we thought.
Still, how does this impact you? Well, "everyone gets burned if you think about it", is how a fellow security mate of mine put it. The cost of data loss = loss of credibility, stock price going down, liability lawsuits, cost of compliance, brand tarnished and maybe your job. It may impact your job because not enough investment may be made in your projects, additional resources or financial incentives cut down, meanwhile as you send out your résumé, how attractive is it to put that tarnished company name on it? Not very!
Everyone is impacted!
What specifically is under attack or being stolen? It's not the devices or the systems but the data on it. What is the bigger threat? Losing your iPhone or losing the data with those passwords on it? Yes, that's right... The threat of Data loss, now more than ever, not only is on the inside of your business but now travels in our pocket, bags and purses of your employees everyday. Thank you BYOD to work!!So, what is to be done? Secure the data by building data security controls and access controls and of course building a compliance process around it all to keep it all in check and prove compliance. Realize security is not orthogonal to business growth/profit, Security can save the cost we talked about earlier and actually create business opportunity (reach out to new customers using secure social media, attract new talent with BYOD, bring agility with secure cloud). We just need to think differently about security – it is not wires, padlocks, just firewalls or multiple authentication controls; instead we should take a holistic approach to securing your data.
Hence why I love working at Oracle and with the global security team. There is no better place for a security technology aficionado than at Oracle. Massive R&D investments in security acquisitions (over $1 Billion In Identity Management since 2004), industry leading technology (Leaders position in Magic Quadrants in Identity Management for years), a plethora of thought leaders and cutting edge innovations (e.g. Oracle Mobile and Social Access Management - see SUPERVALU use case) are the hooks that have kept me planted at Oracle for the past 9 years. Where else can one find a security technology solution to enforce Separation-of-Duty (SoD) policy, automatically across the enterprise? Only Oracle.
The economic impact of security related threats to your business is real. Pay attention to WHAT is being stolen (corporate data - intellectual property) in these cyber crime attacks! In this day and age, gaining a competitive advantage has never been easier thanks to cyber espionage. Why develop or research when I can appropriate what I need via my competitors weak technology infrastructure, information security policy and process??
This risk can be mitigated and reduced, significantly, by investing in a risk intelligent, Oracle enterprise security architecture, built to Secure the Digital Experience, Data Centers, Applications and The Cloud. Learn more at www.oracle.com/security
Image Courtesy: thehackernews.com, siliconangle.com
Who is Ricardo Diaz?
Husband, father, technologist, identity management, security and privacy adroit, CrossFitter, ESPN addict and dog lover!
For the better part of my 17+ years as an enterprise security architect, consultant or business advisor, I have traveled many miles across this great planet of ours, to sit down with customers to help evaluate and better understand what the real threats are, how important it is to protect their data/users and put the proper controls/policies/processes in place to mitigate risks.