Data Security Challenges in the All Too Public and Not So Private Sectors

October 31, 2012 - 0 Comments

What an incredible time to be in Information Technology! Look at what has been transforming right before our very eyes in just the past two years. Exciting? Yes! Humbling? Yes! Scary? Absolutely…

While we are engrossed in watching these new technologies slowly become part of our everyday environment, we are constantly reminded that there is a dark side to all of this that, at times, we often brush aside as we intone, “It can’t happen here, not to us!”

The new technologies that are swelling and consuming us are mobility, collaboration, and the virtualization of our environments. The mobility part is really giving us fits and BYOD has been in the forefront of Cisco’s security portfolio – Cisco can help you deploy a validated, end-to-end, “bring your own device” (BYOD) solution.

Within the realm of collaboration we have data that we are sharing every day with customers and partners and we are truly worried about protecting that data which is no longer under our control.

In the area of virtualization, we ask, how can I be confident that data center operations are sound and that my data is secure? Because at the end of the day, it is all about your data! Its confidentiality, integrity and availability.

So with all that is going on in the realm of new technologies and capabilities, we cannot forget that there are those that would rather create havoc either stealthily or overtly.

We have seen the growth of a criminal element that I like to call the “Three Tines on a Pitchfork.”

The first tine has been around since the Internet was created—the lone hacker skilled or unskilled with a desire to disrupt operations, steal data, or just cause an incredible amount of angst.

The second tine are the incredibly well-organized groups, be they criminal organizations seeking monetary rewards or Nation States seeking to disrupt, steal, harass their perceived enemies.

The third element is the hacking collectives that have resurfaced after years of inactivity. These groups may not be looking for money or fame but rather are seeking to make a statement at your expense.

It matters not which of these elements targets you, what matters is if you are equipped to face the challenge, stop it, and recover. Because there has never been a time when IT has been more important than it is today. I remember reading many articles over the past few years about how IT needed to align with the business units—to understand business—to make themselves attractive to the business units. Today, the business units are aligning with IT simply because it’s what moves our days, takes us into the marketplace, allows businesses to grow and become successful in this environment. The criticality of IT is high and we can ill-afford to see our networks down, hacked, or compromised.

Keep thinking of four important words:

  • Understand: You are a target for the hacking community and it matters not the size or location of your business or agency
  • Educate: Continue the education of your workforce regarding behavior on the Internet and this is done 12 months out of the year and not just in October during Cyber Security Awareness Month.
  • Collaborate: Something we don’t do well in IT. Talk to each other—other businesses, agencies, schools…The hacking community talks to each other all day long. A concept we need to embrace.
  • Prepare: Prepare for that eventuality when you give up data because it will happen, it’s what you do in the first few hours that is so impactful.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.