Roberta Anderson is the Chief Information Security Officer for the City of Colorado Springs. She has over 15 years of information and cyber security expertise in both the public, private, and Department of Defense sectors. She holds the Certified Information Systems Security Professional (CISSP), NSA and Committee for National Security Systems (CNSS) 4011 and 4012 certifications, in addition to Security + and Network +. She has her Bachelors in Cybercrime Investigation, and Masters in Cyber Security and Information Assurance. You can connect with Roberta on LinkedIn: http://www.linkedin.com/pub/roberta-anderson/96/428/293
Be Your Own Advocate
A recent study of 2,000 consumers in an online survey revealed nearly 3/4 of respondents did not think companies cared enough about the security and privacy of their data.
“Despite being outraged over a string of recent retailer breaches and revelations regarding the National Security Agency’s monitoring activities, Eric Chiu, president and co-founder of HyTrust, said he hasn’t witnessed any notable shift in consumers’ behavior around valuing security. Consumer inaction doesn’t mean organizations can continue to ignore data privacy and security though, warned Chiu, who pointed to the recent breach at Minneapolis-based retailer Target as an example of spiraling costs associated with suffering a data breach.”—techtarget.com
From a consumer perspective, this means people should not assume their data is being protected; people need to be their own advocates. From a business perspective, this means the bar needs to be raised. If companies want to increase consumer trust, as well as be customer focused, they need to improve their internal information security practices.
Cyber-attacks are increasingly easy with faulty software, absent internal auditing processes, and budget cuts, but the responsibility to perform due diligence should not yield. Customers deserve for their data to be protected, and even though the majority is not demanding it now, the time is not too far in the future.
Eventually, consumers and lawmakers alike are going to mandate better information security practices. President Obama has officially endorsed a better framework for improving the Nation’s cybersecurity through Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”. Smart companies will do the same by ensuring they are thinking innovatively and “ahead of the curve”. It is the companies who respond to customer protection without being asked which will likely profit, and improve their customer base. Don’t wait until a breach occurs to modify your data security, it could prove to be very costly.
http://www.cyberlinguist.com/2014/03/16/be-your-own-advocate/ (link to original blog posting – Roberta’s Blog)