The Shifting Ground of Data Security
Several changes in the IT landscape of recent months, even years, has brought fundamental changes in the risk profiles of many organizations. The move to the cloud, of course, has been well documented and discussed from a security perspective. One Wharton Professor argues that the cloud movement has had the effect of placing vast amounts of data within easy proximity of single entry points, making the effort of hacking much more potentially rewarding. And so we have major new groups, backed by organized crime, even perhaps by countries, looking for massive rewards from hacking. Gaining access into a single website can yield huge amounts of useful information for the criminal, such as banking information or credit card data for thousands of people.
At the same time, governments are responding with mega programs, such as that of President Obama late last year.
Individual companies have much at stake and need to employ security precautions at the most effective level. But the question is whether they are doing that, or even trying very hard. Some think they are simply assessing the risks and hoping for the best. (unfounded perhaps but also perhaps needing some more study.) Some think that it has gotten to the point that no company can possibly protect itself.
The new high stakes environment certainly adds risks and should serve to focus the response to those risks, with the knowledge that attacks are likely to be of the highest sophistication and directed to the biggest targets.
This is the new world of IT Security in the age of the cloud. More at the Wharton Site.