Identity is Security: I Need Your Attention, Please!

Another day, another Facebook mishap. This week in cybersecurity news, we spy another unfortunate headline for Facebook. As you probably remember, a few weeks ago news broke that Facebook stored millions of unencrypted user passwords in plain text. The kicker here is that it had been happening for years. Well, this week it got a lot worse. In addition to the password fiasco, data breach hunters found two Amazon cloud servers had been storing millions of Facebook-related records that were collected by two third-party companies. The data included information like account names, Facebook IDs, comments, likes, reactions and other bits of information used for analyzing social media feeds and user interactions. Yet again, the question becomes: is there a price for privacy? It seems our personal data has become a free-for-all and the issue isn’t going away anytime soon.

But, really, why is it so hard for us to pay attention to cybersecurity? This article in ZDNet caught our attention that poses that very question. With a daily dose of cyberattacks, hacking incidents, data breaches and leaks (Facebook) and malware campaigns, it appears that many organizations should now understand that cybersecurity needs to be taken seriously from top to bottom (never mind for us everyday folk who increasingly need to pay attention to the security of our own data). For example, in a recent survey we fielded with Forbes, 68% of executives believe identity governance is an important or highly important factor as digital platforms evolve. Almost half of those same respondents also admitted that they had experienced data breaches resulting from user access abuses. If you tie the two together, therein lies the solution to the problem. Unfortunately, many companies view a comprehensive approach to cybersecurity and identity as an expense rather than a necessity, or they lack the education and awareness on the topic. It is high time that we all pay closer attention.

Finally, let’s pivot to the world of healthcare, an increasingly vulnerable industry to hackers. This article from The Verge highlights a huge hole in the way the healthcare sector approaches cybersecurity. As we know, cyberattacks aren’t just going after your data. They want to disrupt. Researchers in Israel announced that they’d created a computer virus capable of adding tumors into CT and MRI scans — malware designed to fool doctors into misdiagnosing high-profile patients. The games hackers are playing are becoming more and more personal and scary. It’s critical to put systems in place that stop them before they get started.

With that, we leave you to wrap up your week. Let us know what security stories caught your eye.