In my personal quest to assure that I acquire as much relevant information and knowledge as possible, last Thursday, I attended the BlackBerry Security Summit, in New York City. This forum opened my eyes wide to the many issues and challenges organizations of all sorts (including not-for-profits, government agencies, businesses, hospitals/ medical centers, insurance/ financial services companies, etc) are faced with in today’s ever-more digitally dependent world. While computerization, mobile access, etc., in many ways simplify our lives and add efficiencies (and save time), they often leave the group and the individual vulnerable to computer hackers.
1. The reality is that security is only as strong as its weakest link. Conventional approaches include using numerous vendors to secure specific areas, and then coordinate them in some sort of patchwork manner. Only when this procedure uses an end-to-end approach and philosophy, can all possible vulnerabilities or weaknesses be addressed. The conventional approach creates security check-boxes, rather than committing to a system where addressing key issues are integrated throughout everything, in a simple-to-use way. Only when the network is based on the concept of enabling all aspects of communication, and data is secured at every step, can the overall protection be assured. Rather than merely focusing on the endpoint, make certain it is data-centric. All too often, protection is reactive, rather than being proactive in nature.
2. What do hackers search for? Basically, any data they can use to achieve another goal they embrace! This is often used to gather personal identification such as Social Security issues, etc. Some hackers seek ultra – private information, in order to weaken governments, businesses, etc.
3. Studies show that 94% of companies have faced some sort of security threats. There has been extensive news coverage about some of the more-famous hacking, including the one that impacted companies such as Home Depot, Target, and so many other famous companies, as well as the hacks of private information the government possessed regarding some of their workers, etc.
4. Too often, there is a focus on what has happened to others, in the past. However, being thorough means being proactive, and addressing not merely basic data breaches, but also recognizing that voice communication, cloud-contained data, mobile-network communication, and specific issues and challenges faced by organizations that require more attention, such as governments, larger corporations, hospitals and medical information/ processing, etc., must be proactively addressed.
5. What are IT managers seeking and hoping for? It begins with genuine peace-of-mind, in all areas that might impact protecting his organization, including the network itself, emergency handling, supporting a variety of devices, addressing cloud vulnerabilities, and personalizing their network to address the specific issues/ niche facing their group.
It is important to understand that this is a very real danger, that must be understood and proactively addressed. This discussion is simply the tip of the iceberg, and my hope is that it will whet the appetite of leaders, to learn more and develop a quality strategy. This will not go away on its own!