Change happens quickly and dramatically in the cyber world. Examine how the cost of hard drive storage has gone from around $200k per gig to less than $0.03 in just 30 years. By 2020 there could be 50 billion devices connected to the internet, multiplying at a rate much faster than that of the human population. In fact, only about 54% of current internet users are human. Many organizations have shifted away from on-premises storage to the cloud, spreading out and connecting to data across the globe. In 2003, California enacted the U.S.’s first data breach notification law and now all 50 states have similar regulations. As one can see, the cyber landscape — from devices to data and legislation to digital connectivity — is experiencing startling growth and change.
Problems arise when our drive for increased information access is not balanced with the necessary level of security to ensure the integrity and confidentiality of this information. Compounding this problem, software code is constantly evolving and new vulnerabilities are being discovered along the way. Cybercriminal exploits can include these two attack vectors: 1) the ability to deceive, impersonate and compromise people and/or 2) the ability exploit vulnerabilities in code and modify or compromise hardware. Enterprises face an environment in which cybercrime is projected to cost $6 trillion by 2021, while spending on security products and services is expected to top $1 trillion by 2021.
Enterprises of all sizes, financial systems, critical infrastructure and even nation states find themselves in the midst of an ongoing cyber war in which the stakes are critical. This new norm threatens a business’s the ability to maintain a competitive advantage and continuous operations. Enterprises must also now navigate a changing regulatory landscape. The EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), for example, establish new mandates on the nature of personally identifiable information (PII) with a broad definition of what constitutes “personally identifiable.”
If your personal information has value to you, it probably has value to others. It may have been among than 7 billion private records exposed by data breaches in 2017, or a seemingly innocuous item that is publicly available through social media or other sources. Advances in technology and data science allow for more sophisticated analysis and insights than ever before, which play into the ever-evolving cyber war.
If you have a complete solution to the problems outlined above, please notify me so we can implement that solution for the benefit of all. If not, consider the following.
The first step in surviving the cyber war is understanding how to manage risk in general. This will allow you maximize your limited resources, minimize exposure and get the most value from the insurance you purchase. The following steps will put you on the path to protecting yourself, your business and your critical data:
Co-authors: Howard A. Miller, CRM, CIC, Senior Vice President, Director of Tech Secure® Division, LBW Insurance & Financial Services, Inc. and Michael Flavin, Valeo Networks.