Identity is Security: Risk Versus Reward
We’re seeing a lot of interesting developments in the ever-expanding world of data these days. This week, that took the form of the new Facebook Portal, which is Facebook’s stab at a home assistant. It’s an interesting announcement, especially timing-wise, from Facebook, given the heat they’ve been in over their recent data breach. While everyone is still chattering about that breach, it’s no wonder that this Facebook Portal has people questioning just how they plan to protect the privacy of its users.
This is quite timely after Apple’s CEO Tim Cook proclaimed that companies are essentially hoarding too much data on people while speaking at an EU privacy conference in Brussels. While data hoarding may not make for a good TLC reality show, it does make a good icebreaker for critical conversations on how companies are securing access to these stockpiles of data.
And let’s be clear, companies do hold a lot of data on us, much of it being data that we’ve readily surrendered. For businesses, we know it’s not ‘if’ but ‘when’ a cyberattack will occur. There is a mound of evidence to support this claim and the myriad consequences that follow, sometimes years later. Yahoo is still facing the effects of its 2013 data breach, and they are now paying $50 million in damages to help affected users with the costs associated with recovery from the breach.
We’d also be remiss to leave out the topic on the collective brain of the U.S. With the midterm election season in full swing, election security is taking its place at the top of our newsfeeds. One report out this week found that around 8 out of 10 Americans are at least somewhat concerned about tampering with election infrastructure. Not to state the obvious, but that’s a lot of people with their minds on security. And for good reason. While we’ve seen a slow increase in spending on cybersecurity, state and local governments are only spending about one or two percent of their information technology budgets on cybersecurity. That’s not enough to keep pace with the threat landscape facing government agencies today.
Ultimately, the question enterprises and agencies should be asking themselves is this: are we doing enough to protect our customers and their data?
You don’t have to answer that in the comments, but let us know what you’re reading in the news this week, and help us keep the conversations going on making security better for all of us.