“Unsecured Economies: Protecting Vital Information”
This is the conclusion to “Unsecured Economies: Protecting Vital Information“, a study of the current and future state of information security in the age of “Economic Downturn” A document that I would hasten to add that all information security professionals read, think about, and then push it up the food chain to their C-level executives.
All too often the “C” class is out of touch or uninformed about the in’s and out’s of information security, never mind the rudiments of proper password complexity. This document and a good program on infosec should be made available to all front line execs in companies across the globe. One hopes that this would happen even on a small scale, but, I think that all too often this type of information just does not reach the exective level, never mind actually is cogitated by them.
Now with that said, lets look at the picture now that we have an economic downturn of epic proportions on our hands. Layoffs are rampant, people are hurting, and if I were a sneaky individual *wink* I would use this time as a real opportunity to make a killing. How many companies out there would LOVE to not have to spend all their money on R&D and instead pay a smaller sum ( by comparison to actual R&D costs say on a pharmaceutical) to an industrial spy than spend it on actual research and development. Now picture that industrial spy as being a newly laid off, with an axe to grind and a mortgage payment to make, former employee.
The Current Economic Downturn May Be A Perfect Storm for Security Breaches
So, given the mass layoffs, the cutting of budgets, and the often stupid move on the part of many corporations in cutting security out as a “cost center”, we have the “Perfect Storm” for IP loss. Interestingly, at the same time Big O’ is hiring on Melissa Hathaway and giving her marching orders to “fix” the infosec problems of the nation.
“May you live in interesting times indeed..”
So, lets see what plays out. On the one hand we will have the greedy piggy bottom liners who will cut to the bone, not pay attention to security, and have IP leaving their places of business, or better yet, as in the case of Fannie Mae, logic bombs placed in their networks. Once the shit hits the fan who will be crying? Take heed of this paper people. Instead of cutting to make the books look good in the short run, how about you all out there secure your networks, insure your employees understand the security policies and actually secure your shit.
Will it happen? I don’t think so. Unless Big O’ actually makes some mandates and the bills are passed into law. Then we will see some traction… Maybe…
Perhaps its a good time to be a bad man huh? Some could make a killing… Oh hell, given the recent ATM cybercrime alone this last month some already have!