Very true. Just look, for example at Dropbox. A free service that hosts your data and ensured security. Then we find out later that they de-dupe your data, which essentially is not secure since a single copy of duplicate files is stored for all users. So I can only imagine that for storage savings-purposes, other cloud vendors do the same.
Your points here regarding what Citibanks CIO should be doing now had me wondering-
"I would be having tough discussions with the providers and operators of the system and all the high-tech companies that supplied the hardware and software.
I would also be much more careful when selecting the next service provider, and I would put the onus for preventing future attacks on that provider. Perhaps I would also get the provider to sign a contractual clause promising to indemnify my company against blames, if an attack were to happen in future, and provide financial compensation for lost money, time, and productivity."
Should'nt all this have been part of the Contingency planning in advance itself?
What about all the clawbacks that are in place in most Security contracts today?
I find it hard to believe that a major Financial System like Citibank does'nt have some form of Clawback similar to this which I visualised here.The IT system suffers a breach because of your products drawbacks-Pay Up.
What about Cyber Insurance?It is today one of the fastest growing industries in America.Does'nt Citibank have some form of Liability insurance here?Why should shareholders take such a direct and immediate hit?
i have the same opinion as the rest that making IT 100% safe may not be possible and the advancement of technology might make it more difficult. It is surprizing with the case of citibank that hacker took only 3 million and not more. Is there any reasoning why not more money? Only those incident of high profile account hacking come to news.
I think most companies tend to follow the 'cure' model as opposed to 'prevention' model whereby they only react to security incidents after an actual attack or a data breach has taken place. Given the recent attacks on high-tech companies such as Sony, there's an absolute need for most organizations to firstly check the security of their systems against all kinds of attacks and fill in the loopholes before it's too late. The hackers are progressing faster than developments in cyber security are.
Wecannothave100%securityinsoftwaresystems. Even in the latest security program willbeabackdoororabuginsecuritypolicies.Evenamilitarybasecanbeviolated.
Hacking and crackingisonestepfrontfromtoday'ssecurityprograms.Ibelieveonlywithmonitoringwecanregulatethehacker'sattacks.AndmanycompaniesunderestimatetheneedofhavingITsecuritydepartmentandsecuritypolicies.
I'm sure the ISP will have something to say about that. They should be able to limit content, traffic or some other aspect of the communication but with the whole issue of net neutrality, they will not be allowed to do that.
The problem with making them responsible is that they can't control a user's behavior. They can have the firewall set up but that might not be enough.
EBN Dialogue enables and encourages you to participate in live chats with notable leaders and luminaries. Not only editors and journalists, but the entire EBN community is able to comment and ask questions. Listed below are upcoming and archived chats.
Thailand Stages a Comeback Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Microsoft Surface: Potential Winners & Losers What are the implications for the electronics industry supply chain of Microsoft Corp.'s decision to launch its own tablet PC? Join industry veteran and EE Times' systems and OEM expert Rick Merritt on Tuesday, July 3, at 12:00 pm EDT for a Live Chat on this subject.
Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Peter Drucker famously said "Trying to predict the future is like trying to drive down a country road at night with no lights while looking out the back window." Yet in the razor's-edge world of electronics—with a lean supply chain and just-in-time demands—the need to know the future is vital.
While no one really can accurately predict the future, we can take guidance from another Drucker saying which is the best way to predict the future is to create it.
You've heard the saying "the No. 1 supply chain risk is your people." That hasn't always been the case. But today's complex global supply chain requires a new type of multitalented employee. It's one who understands, finance, marketing, economics, is savvy with technology, graceful with relationships and can think analytically.
Where are these people? Are universities properly preparing the next generation supply chain professionals? How do train your existing workforce for these new, demanding positions?
Brian Fuller, editor-in-chief of EBN, will lead a 60-minute Avnet Velocity panel discussion that will ask and answer these and other questions swirling around today's supply-chain talent challenges.