Hack Gives Snapchat a Black Eye on Privacy
To Start 2014, Snapchat CEO Perfectly Sums Up Cyber Security Dilemma Most Businesses Face - "We thought we had done enough"
On the heels of a cyber attack that exposed the usernames and phone numbers of 4.6 million Snapchat users, Joe Caruso, founder of Global Digital Forensics, lends some industry insight into the dilemma faced by so many businesses today, which was perfectly summed up in a few words by Snapchat’s CEO that should reverberate with every business heading into 2014.
Cyber Threats Alive and Well as 2014 Kicks Off
Just as 2013 was making its final approach into the history books, Snapchat, creators of a photo messaging app that revolves around user privacy, suffered a data breach which exposed the usernames and associated phone numbers of 4.6 million users. Granted, it’s not as catastrophic as the recent attack on Target that put the valid credit card information of 40 million customers in the wind, but in an exclusive post-attack interview with Carson Daly, Snapchat’s CEO, Evan Spiegel, uttered six prescient words that are far too often repeated after an organization is victimized by cyber attackers, “We thought we had done enough.” Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), a premier provider of cyber security solutions and data breach/intrusions emergency response, has heard that line repeated many times. “But,” Caruso said, “far more often than not, regular testing, basic security measures, awareness, and understanding the basics of the threat landscape would have stopped or severely diminished the damage of many of the attacks GDF has responded to over the years.”
The Cost and Effect Balance of Cyber Security
“In today’s ESI (Electronically Stored Information) driven world, cyber security can never be an afterthought, it has to be a primary consideration. But it doesn’t have to be a black hole of resources, time and energy that many organizational decision makers seem to have in their minds to achieve a good to excellent security posture on the digital front. Grasping and driving home the cyber security basics will get any organization 95% and better of the way there. That’s what the bulk of our business is, helping clients nail down the basics first, and then if they want to close the gap on those few remaining percentage points even further, we can seamlessly transition into helping them combat the more sophisticated and advanced threats that their unique situation dictates. And since we will already have the knowledge gained from our initial threat assessments and testing, already knowing and understanding the organization’s digital asset environment, data flow and regulatory compliance needs, any future costs for more advanced security help are driven down substantially. Not to mention, it gives us a huge leg up when it comes to time-critical emergency response should a breach or intrusion occur, because the hard truth is there is no such thing as a perfect solution for cyber security for any organization relying on digital information and technology; the threats and players evolve every day. But we can get clients close and quickly and effectively respond to any threat that still may manage to get through, both the external variety, and the even harder to prevent insider variety.”
Building a Roadmap to Improved Cyber Security
“Achieving effective cyber security is like any journey, you can’t figure out how to get where you’re going if you don’t know where you are. It’s easy to be lulled in to a false sense of security and to think you’ve done enough just because you finally grabbed the steering wheel, put it in gear and started to drive, but unless you’re heading in the right direction, you could end up in a very scary and dangerous place you really don’t want to be. Our network vulnerability assessments, application reviews and penetration testing solutions don’t only provide clients with a map, we’re more like a full on-board computer and GPS system that can warn you about dangerous conditions, both in the vehicle and on the road ahead, so you can take appropriate measures. And that’s what doing business in the digital world of the 21st century takes, knowing where you are, what weaknesses your vehicle has inside and out, and what kind of threats you’re likely to face on the road today and how to best avoid them.”
Business Reality Today
“The benefits of digital information and technology can be immeasurable, giving businesses abilities that were unimaginable even a decade ago. But with those abilities come responsibilities, and security for customers, employees, investors and vendors has to rank high on the totem pole. It will take some time, energy and resources, but it has to be an expected and included part of any business model today, no matter how large or small the organization. Just ask the CEOs of Target and Snapchat if they would do something different looking back. And they’re the lucky ones, they will probably survive the attack and the aftermath because they have the resources to weather the storm, but most small to medium sized businesses that suffer a big breach end up closing their doors in six months, and that is business reality today. So don’t wait until it’s too late to get professional help, your business' survival could depend on it.”