With massive security breaches for Target (TGT) , Neiman Marcus, and Kickstarter among others coming on the heels of the Edward Snowden revelations, issues surrounding cyber security have started to come to the forefront. Now, possibly more than ever, companies are starting to think about what they need to protect and how they might go about protecting it.
That’s why the second panel on Sunday at the 26th Annual ROTH Conference focused on just this subject. At “What the Hack?!: Privacy and Data Security for Business in an Era of NSA Snooping, Cyberattacks, and Data Innovation,” moderator Christopher Wolf, a partner with business law firm Hogan Lovells, guided the five panelists through a lively discussion of the most relevant topics.
Wolf kept things interesting by structuring the panel like a game of Jeopardy, with panelists selecting a category, answering a trivia question, and then using this to expand on the subject in question. The panelists included Bradley Rotter, Chairman of Xcluud; Carl Wiese, CIO and Portfolio Manager with GROW Partners; Craig Spiezle, Executive Director for OTA Alliance; Fran Maier, Founder and Chair of the Board for TRUSTe; James Aquilina, the Executive Managing Director with Stroz Friedburg; and Mark Seifert, a partner with business communications firm Brunswick.
One focus of the panel was the range of different threats any company looking to protect its data has to consider. Whether it be a disgruntled employee selling information, organized criminals looking to profit, hactivists with something to prove, or even a foreign or domestic government entity, data safety can be breached by a variety of different people. And, in some cases, these categories can blend.
“That’s interesting, that’s an interesting question,” said James Aquilina when queried about which of the four categories of hackers Edward Snowden might fit into by Craig Spiezle. “Actually, insider. … I think to the extent that Snowden enjoyed permissions and access that was extraordinary as a result of his consulting relationship…that he abandoned his fiduciary duties…categorizes him as an insider.”
Another unique new security challenge explored at the panel was the growing phenomenon of BYOD, or bring your own device. With the increasing use of personal mobile devices for business purposes, today’s cyber security firms face an array of new potential breaches resulting from a lack of centralized control.
“I’m actually writing a blog called ‘Bring Your Own Disaster,’ because these devices have had unintended consequences,” said Craig Spiezle. “The IT world in the past was pretty much locked down. [They thought] they were corporate enterprises with firewalls and antivirus software and so forth. But then these devices walking right up to the middle of the perimeter and start connecting to things. [My smart phone] is the most dangerous device that I’ve ever held.”
“It’s very much increasing, and it will increase even more as we move into the inevitable internet of things,” he continued.
Many on the panel also lamented the lack of unified action from the federal government on this issue. As such, action has been left up to individual states and often lacks coordination. However, that doesn’t mean that private and public companies alike can’t take their fate into their own hands and take action to protect their assets.
On the whole, though, the panel remained focused on the fact that cyber security will be a fact of life moving forward, and those firms that fail to address this will suffer the consequences.
“At some point, the cost of not paying attention to security is outrageous. … Especially for smaller companies.” said Aquilina.
DISCLOSURE: The views and opinions expressed in this article are those of the authors, and do not represent the views of equities.com. Readers should not consider statements made by the author as formal recommendations and should consult their financial advisor before making any investment decisions. To read our full disclosure, please go to: http://www.equities.com/disclaimer