There is a wide body of people that believe they are sending information private because they are sending using Microsoft Office 365, Gmail, or using a third-party service that sends all messages using transmission layer security.
With the recent media focus on cybersecurity, whether it is talk of Russian hackers scheming to influence US presidential elections, or the pervasive pressure to comply with GDPR or HIPAA (healthcare privacy regulations) or other consumer data privacy requirements, “encryption” is one of the solutions that is often introduced.
Many, many software service sales professionals throw around security phrases to make cyber security sound simple. Today, as technologies advance and threats get ever more sophisticated, encrypting email for privacy compliance is not getting simpler. The devil (hacker) is in the details.
The DHS is using Congress’ “Real ID” Act of 2005 to require all US states to issue new, more robust IDs for air travel originating in the United States.
You may already know Uber drivers now score YOU, the passenger, and that a customer rating indicates who they choose to pick up. But did you realize a score below 4 out of 5 could potentially drive up your costs (fewer drivers want to drive you, triggering premature “congestion” pricing)?
The biggest unifying force in Europe may be cybersecurity regulation. Despite Brexit and the wavering EU support in France, all 28 EU member states are implementing the General Data Protection Regulation (GDPR) which goes into effect in May, 2018. GDPR will standardize cybersecurity across all 28 member states, including the UK, Brexit or not.
When the politicians in Colorado legalized cannabis, we all learned about the after effects of Rocky Mountain brownies – but the calories and cannabis burn off after a few hours.
What about Russian Forged Cookies? While these “cookies” are tasteless, they have long-lasting after effects that can be costly.
What is an HTTP cookie? An HTTP cookie is a small piece of data sent from a website and stored on your computer, used by websites to remember and record your browsing activity – or remember your username and password stored in your browser. Details
What is a Russian Forged Cookie? A Russian Forged Cookie is an HTTP cookie created by a hacker in Russia that masquerades as an authentic Yahoo cookie – and in this case, the Yahoo cookie that remembers your Yahoo Mail username and password for you.
It turns out this Russian Forged Cookie has an aftertaste that lasts for years — souring in the mouths of Yahoo shareholders to the tune of $250 million, the reported reduction in the price Verizon will be paying to acquire Yahoo as a direct result of the attacks coming to light.
Cybersecurity Has No Political Affiliation
While we often talk about political influence in security regulations, Russian hackers, and high profile government hacks, cybersecurity really is apolitical. It impacts large and small businesses, men and women, Democrats and Republicans. Recent news headlines may focus on the politics surrounding hacking and protecting against politically-motivated cyberattacks, but cybersecurity has been and will continue to be equally important for all individuals (that use computing devices) and all businesses.
We have discussed how cybersecurity has lured homebuyers into wiring down payments to cyber criminals – (If this concerns you, try RPost’s Anti-Whaling email imposter protection).
We have also discussed the reputational cost to big business (e.g. Yahoo). In Cisco’s Annual Cybersecurity Report they discuss the cost to small and mid-sized business — upon awareness that the company was hacked, many report either a 20% reduction in revenue or a 20% reduction in customers.
Once the regulators (back to politics) weigh in, the costs can skyrocket — for example, if a US company is doing business in Europe, under the General Data Protection Regulation (GDPR), authorities may impose fines of €20 million or up to 4% of global annual revenue, in certain cases of serious breaches of the Regulation.
Hollywood Moves In. Christian Slater: The New Face of Cybercrime?
Maybe the new face of cybercrime has started to change – from shadow government operatives to Hollywood A-listers. HP released a four-part video series called “The Wolf” featuring Christian Slater as the human embodiment of cybercrime. In one video, Slater encourages an employee to print a gift certificate sent from an unknown email address. In another, he traipses through an office late at night, loading malware onto computers. HP hopes to draw attention to the risk of cybercrime via unsecured printers as well as desktops and other devices. The videos are certainly entertaining yet are also surprisingly insightful, bringing to life (with technical accuracy) the often underestimated dangers cyberattacks pose to every business.
Cybersecurity decisions should not be made by the IT department alone, nor should they be made exclusively by the executive suite. We suggest that corporations involve their executive teams in the process of evaluating and improving security practices and investments in new technology alongside IT staff. This is important so that IT has the budgets to protect, and executives understand the real (financial and reputational) cost of a successful hack.