Unabated Cyber-Crime Forcing Rethink of Data Collection Habits

by Jeff Wiener on June 10, 2014

Cyber-crime costs the global economy upwards of $445 billion every year, Reuters reported on Monday, with theft of intellectual property and other such damages far exceeding the already staggering $160 billion cost to individuals from hacking. What’s worse though, a second Reuters report notes,  is that security analysts fear that ultimately no matter what steps businesses take to protect both their and your information that it won’t be enough. There is nothing anyone can do to stop digital breaches.

The information was complied by the Center for Strategic and International Studies (CSIS, not to be confused with the Canadian intelligence service) in a report that concluded that cyber-crime remains on the rise, a significant growth industry that has damaged trade, competitiveness, and innovation around the world. “Cyber crime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” Jim Lewis of CSIS said in a statement.

The truth of the matter is that information has become toxic, meaning the more information companies have the more said information will be sought after by nefarious ne’er-do-wells, meaning the more those companies ultimately stand to lose. Simply put, with the cost of cyber-crime skyrocketing and the security industry seemingly powerless to mitigate the damage perhaps its time to view data and data storage in a different light, taking a counter-intuitive less-is-more approach.

There’s no question that the business world is reeling in the face of this upsurge of cyber-crime, unsure of how to solve the problem, mitigate the damage, or even where to spend money to try to protect themselves, as rumours abound that companies are increasingly throwing money at top level security experts in hopes that it might help solve the problem.

But with losses to the global economy still rising the reality of the situation is perhaps starting to set in, we can’t win. As Reuters’ journalist Peter Apps writes, “The reality, cyber security experts say, is that however much they spend, even the largest companies are unlikely to be able to stop their systems being breached.”

So if throwing money at cyber-crime won’t make it go away what recourse do businesses have in the face of such mounting losses?

“Information has become toxic for retailers because the more they have, the bigger a target they become,” said Lamar Bailey, security researcher at IT security firm Tripwire. “The ongoing rash of attacks brings into question what information an organisation should be keeping.”

It’s a revolutionary way of thinking about information, particularly in an age where data gluttons are par for the course, but as Apps writes, “The best defence may simply be either to reduce the data they hold or encrypt it so well that if stolen it will remain useless.” If a company has less data or heavily encrypted data they’ll be less of a target, meaning ultimately more protection for consumer information and less revenue lost to data theft.

I’ll admit it’s an ironic twist that in this age of unprecedented (and sometimes unscrupulous) data collection that the information itself has become a ticking time bomb of potential destruction, not only to one’s bottom line but to one’s reputation as well. But given such a reality it truly seems the only way forward is a complete rethink of our data collection habits, revisiting what data companies collect, what data they keep, and what data simply isn’t worth exposing to such potential risk.

Previous post:

Next post: