Friday | 10 July, 2009
CSO
Your World. . . Hacked
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to compete
Stephanie Overby (CIO) 02/10/2007 10:51:23
Page:

Exposed

According to cybercrime experts, digital IP theft is a growing threat. Although precise numbers are hard to come by, the US Department of Commerce estimates stolen IP costs companies a collective $US250 billion each year. And that number does not include hacked or hijacked information that goes unnoticed or unreported. The economic costs on a nationwide scale are impossible to quantify just yet.

Suspected state-sponsored espionage against the US government has received the most publicity, thanks to the investigation of a series of coordinated attacks on federal computers dubbed "Titan Rain". The 2003 attacks may have been the work of a China-based cyberespionage ring that was trying to steal government information, according to articles published in The Washington Post and Time magazine in 2005. But companies in any industry may be vulnerable. As businesses increasingly collaborate with external partners and expand globally, they're also increasing their exposure to criminals — and possibly foreign governments — who may have more on their minds than scoring some personal details.

"There's a ceiling on how much money can be made by stealing identities," says Scott Borg, director and chief economist of the US Cyber Consequences Unit, an independent non-profit institute set up at the request of the US federal government to examine the economic and strategic consequences of cyberattacks. "You can actually steal the business — its processes, its internal negotiating memos, its merchandising plans, all the information it uses to create value. That's a very large pay-off."

Unfortunately, most IT organizations approach the risk to IP the way they approach all IT security: focusing on the corporate perimeter and developing security tactics and policies from the system level up. Instead, CIOs must take a top-down approach. What's required today is a counterintelligence mind-set that assumes someone, somewhere, wants your data, along with multiple layers of defence to thwart would-be cyberspies and respond when (not if) they get through your defences. "There are wide-ranging attacks against commercial organizations," says Bill Boni, CISO of Motorola. "It's incumbent on organizations — be they governments or commercial enterprises or academic institutions — to understand what their crown jewels are and make sure they are protected commensurate with their value."

Page:
More about Wall Street, Forrester Research, eBay, Gartner, Department of Defence, Starbucks, Communications Systems, Hewlett-Packard, Cisco, FBI, Billion, Transportation, Leader, The SANS Institute, CROWN, Exposure, Niku, Bill, Critical Systems, Microsoft, SANS Institute, ING, Vigilance, Computer Security Institute, VIA, Motorola, Symantec, Leader Computers

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

State of Internet Security

Spyware, viruses and other malware transported via Web sites represent the most serious data threat to companies today. Read on find out how you can appropriately leverage technology and appropriate business technologies to protect your business.

Sponsored Links