Share This Article:Share on FacebookTweet about this on TwitterShare on LinkedIn

Whether it’s gold on a galleon or intellectual property in a cloud server, treasure attracts pirates.

And, as in the Gold Rush a century and a half ago, people’s enthusiasm for fortune can cause them to move too fast—before they understand all the risks. As a result, “the cloud” has become increasingly riddled with data pirates—and it’s up to IT to protect it.

Until then, data pirates will continue to gain ground, increasing the risk for everyone. Here are four things to keep in mind when building your defenses…

Rough Seas In IT
In 2014, 43% of U.S. companies experienced a data breach, according to research by the Ponemon Institute. Even among the Fortune 500, breaches are increasingly common.

Data pirates now threaten even the security infrastructure of entire countries. South Korea is considering giving every citizen a new national identification number, because an alarming 80% of citizens have had their data stolen.

Why does cloud adoption continue to flourish, even in credit-card-shy countries such as India and Germany? It’s simple: The benefits of cloud are too big to ignore. Cloud lets businesses hasten productivity, improve decision-making, target advertising, and gain a competitive edge.

Would You Like a Latte With That Spam?
Today’s pirating circles (often referred to as “blackhat services”) are nearly as refined as the cloud services they are attacking. They’re as on-demand and real-time as your same-day delivery app.

Recent reports by Symantec and Dell found an unsettling variety of these services that go far beyond offering credit-card numbers online (for between $4–$7 each). Blackhat groups offer spam-as-a-service, charging by bundles of thousands of email addresses. They rent botnets by the hour, and order a Trojan horse to divert bitcoins into a requester’s coffers.

Build first, Protect Later
From the creation of the automobile to the virtualization of computers, technology follows a familiar trajectory: First it’s built. Next it’s adopted. And eventually, it goes mainstream.

But, it’s typically after wide adoption that providers develop strong controls to keep the bad people out. The problem is that data pirates have been keeping pace since the beginning, plundering the data seas with near impunity.

Batten Down the Hatches and Hide Your Gold
The first step in the battle is to realize that these pirates are relentless – and are in it for the long haul.

Pirates will strike. And inevitably, IT is the one left cleaning up the mess—or at least trying to protect the ship.

So how do you protect yourself in a cloud where pirates are as agile and sophisticated as your soldiers? You need to mobilize your entire workforce to help outmaneuver them, and protect your business.

Today’s IT departments work feverishly to secure their cloud environments—to prevent users from dangling the data equivalent of gold doubloons in front of hackers. But IT should also embrace its internal customers’ need for cloud services, proposing solutions that don’t hamper productivity.

Back in the Gold Rush era, miners had a choice: carry gold visibly on their body, or hide it. Those who chose to hide it were harder to target. Not only did robbers have to figure out if miners carried gold in the first place, but they had to take the time to find the gold.

You want your end users to feel the same way about their data on the cloud. So…

  1. Instill a sense of urgency in users by helping them understand how and where pirates strike.
  2. Make data safety a priority, establishing repercussions for poor practices.
  3. Help users realize the limits of IT’s oversight.
  4. Instill new habits in your users by teaching them not to take consumer apps for granted.

Only when you mobilize your workforce will real prevention take place.

A Coordinated Armada
Just as it took years for navies worldwide to coordinate activities to stamp out piracy on the high seas, an enforcement framework for cybersecurity is still in the future.

However, there are signs on the horizon: The National Institute of Standards and Technology recently released a cybersecurity framework, and industry groups such as the Retail Industry Leaders Association now collaborate to address threats.

The Bottom Line
For now, the best protection is to take security into your own hands. This means helping your users understand that gravity of the threat.

Pirates like nothing more than an easy target. So don’t let your business run up the white flag without putting up your best fight.

 

security, privacy, cybersecurity

 

*The original post appeared in CIO.com.

Comments are closed.