Kim Kardashian Breaks the Internet, Obama Aims to Fix It

“We’re only 26 years into this Internet Age. We’ve only scratched the surface.” — President Barack Obama

A mass blending of personal and corporate information on cloud- and web-based applications has brought industry and government decision makers back to the table post-Snowden to discuss tackling the increasing cyber vulnerabilities.

Last week, President Barack Obama joined top tech CEOs and industry executives, senior government officials, media and students to “talk nerdy” about cybersecurity and consumer protection at Stanford. The summit touched on several of critical issues facing the safety of personal information living online from both a national (security) and corporate (data protection) perspective. Despite the noticeable absence of key tech CEOs and a constant undertone of guided narrative, the inaugural summit achieved its goal: it got people talking.

Apple’s CEO Tim Cook delivered perhaps the strongest private sector perspective of the day, championing a separation of personal information, government oversight and corporate bottom lines – among many other elements of consumer protection. Cook gave his speech right before President Obama outlined reasons behind signing a new Executive Order with the goal of enhancing public-private information sharing to curb cyber threats. Though originating from wildly different corners, a central theme in both speeches was protecting the integrity of private citizens’ data.

On the industry front, companies in direct line of attack like Intel, Apple, Bank of America, AIG and others are making public commitments to integrate the U.S. government’s cyber security framework into their corporate policies. Vendors that host and protect citizens’ data like Box, FireEye, Crowdstrike and others are jumping on President Obama’s Executive Order information sharing bandwagon. While we’re headed in the right direction, it will take time to rebuild the relationships with industry – especially tech – necessary to completely hedge against cyber threats.

The President summed up a day’s (and probably a year’s) worth of conversations when he said, “Everybody is online, and everybody is vulnerable.” As we have said in the past (and will time again):

Every company must become a security company. Data, in the form of files, information and communications, are the lifeblood of any organization. The integrity of employee, customer and citizen data depends on it. From the moment you wake up you are either sharing, consuming, or creating new information. With the recent hacks on Anthem, Sony Pictures and Target, every company is waking up to the fact that they not only have to be a technology company, but that they also have to become a security company.

If it isn’t usable, it’s not security. Today, businesses must increasingly cater to a multitude of users. If enterprise security requirements aren’t intuitive and simple, it’s extremely common for employees to envision security as a roadblock and find workarounds for their email, personal devices and the cloud, opening up new entry points. Bottom line: security will only be effective if it’s highly usable for employees and trackable for the enterprise no matter where the data goes.

There is no such thing as the “corporate perimeter.” At Veradocs, we operate with the philosophy that no matter how hard you try, how much you believe you have reinforced your perimeter, data and bits will escape. Essentially, this new security paradigm is a leapfrog innovation requiring a whole new set of thinking. With leaks being the norm, the perimeter is inherently porous and more vulnerable to theft than ever before. There is an immediate need for a new approach to security that aims to protect customers from the inevitable — even after the inevitable happens. It’s no longer an “if” proposition, but “when” a company will make headlines for the wrong reasons.

Last Friday’s summit produced mixed reviews, but it did provide clear evidence of corporate buy-in to information sharing with the public sector on some level. That’s a good start, but building or re-establishing the trust of consumers and citizens is a key element of this process and one that needs to remain a central focus as the public and private sectors piece together effective strategy.

Written on February 20, 2015
by Ajay Arora
Tags:
  • Industry, 
  • Security