I feel Hackers are people that just want you to know and make you feel that you are not safe at all and that your safe or protection is nothing at all.
This kind of attack on citibank would have been going on before now you can imagine how much would have been done by this hackers to get the job done.
I have always been of the opinion that anything that has to do with the internet is more or less not that secured, its always seem to be "the rules that are made to be broken"
There is need for a more security around stuffs like this
I think Technology and upgrades is becoming a great threat for security.
Today i think we need to have a device to remember our passwords, at the same time it doesnot give you a feel of safety. And at the same time the materials available today are great source for hackers.
These hackers have caused concern across the board and rightfully so. If they were able to breach the DOD and Citibank systems, systems that are supposed to be some of the best around, what's next? Many companies think they are not vulnerable because they aren't high profile or very large. Yet they fail to realize hackers just want information that can be used in other systems to meet their needs. The high tech sector needs to step up big time and try to think like the hackers and be proactive. Security has always been a concern for using the cloud, and with these attacks there's going to be even more concern.
Throughout the history of mankind there has always been a criminal element. 500 years ago the unruly element figured out ways to break the security of small holdings and steal livestock and supplies. Today the criminals are more high tech but they are still criminals. This is simply a burden that society has to bear and as such should try to minimize the impact by making systems more immune to attack. Now some hackers actually provide a service by exposing vulnerabilities that the system provider can use to improve their offering. Other hackers are criminals intent on stealing. Industry needs to bear the cost by insuring consumers will not lose out as a result of hacking. This is an insurance cost. If this cost is unacceptable to the provider more effort needs placed on educating hackers not to do it, deterring hackers with more severe penalties and improving the security of the systems.
" deterring hackers with more severe penalties and improving the security of the systems."
You cannot expect to deter every hackers as most of their activities are conducted undercover. As you said hackers are here to stay and companies should prepare for that and take appropriate actions to secure their infrastructures and computing systems. It is not realistic to think that you can educate hackers so that they won't target your company. You should rather invest in more reliable and efficient systems
Taking advantage of data breach incidents and the huge losses suffered by companies, insurance companies have started offering insurance policies to companies that cover against attacks by hackers. This is one measure that companies can take to be able to pay back their customers. However, even with this, the company cannot recover the lost reputation and customer's trust once data is leaked out of the organization.
I like the idea of having your service provider take responsibility for hacking should it happen. If anything makes companies more diligent, it's the threat of liability.
I'm sure the ISP will have something to say about that. They should be able to limit content, traffic or some other aspect of the communication but with the whole issue of net neutrality, they will not be allowed to do that.
The problem with making them responsible is that they can't control a user's behavior. They can have the firewall set up but that might not be enough.
Wecannothave100%securityinsoftwaresystems. Even in the latest security program willbeabackdoororabuginsecuritypolicies.Evenamilitarybasecanbeviolated.
Hacking and crackingisonestepfrontfromtoday'ssecurityprograms.Ibelieveonlywithmonitoringwecanregulatethehacker'sattacks.AndmanycompaniesunderestimatetheneedofhavingITsecuritydepartmentandsecuritypolicies.
I think most companies tend to follow the 'cure' model as opposed to 'prevention' model whereby they only react to security incidents after an actual attack or a data breach has taken place. Given the recent attacks on high-tech companies such as Sony, there's an absolute need for most organizations to firstly check the security of their systems against all kinds of attacks and fill in the loopholes before it's too late. The hackers are progressing faster than developments in cyber security are.
i have the same opinion as the rest that making IT 100% safe may not be possible and the advancement of technology might make it more difficult. It is surprizing with the case of citibank that hacker took only 3 million and not more. Is there any reasoning why not more money? Only those incident of high profile account hacking come to news.
Very true. Just look, for example at Dropbox. A free service that hosts your data and ensured security. Then we find out later that they de-dupe your data, which essentially is not secure since a single copy of duplicate files is stored for all users. So I can only imagine that for storage savings-purposes, other cloud vendors do the same.
Seems to me to be a feature you would want to use only if you are on the go & need your data anywhere OR if you have multiple devices where you need access to the same information.
Your points here regarding what Citibanks CIO should be doing now had me wondering-
"I would be having tough discussions with the providers and operators of the system and all the high-tech companies that supplied the hardware and software.
I would also be much more careful when selecting the next service provider, and I would put the onus for preventing future attacks on that provider. Perhaps I would also get the provider to sign a contractual clause promising to indemnify my company against blames, if an attack were to happen in future, and provide financial compensation for lost money, time, and productivity."
Should'nt all this have been part of the Contingency planning in advance itself?
What about all the clawbacks that are in place in most Security contracts today?
I find it hard to believe that a major Financial System like Citibank does'nt have some form of Clawback similar to this which I visualised here.The IT system suffers a breach because of your products drawbacks-Pay Up.
What about Cyber Insurance?It is today one of the fastest growing industries in America.Does'nt Citibank have some form of Liability insurance here?Why should shareholders take such a direct and immediate hit?
EBN Dialogue enables and encourages you to participate in live chats with notable leaders and luminaries. Not only editors and journalists, but the entire EBN community is able to comment and ask questions. Listed below are upcoming and archived chats.
Archived Dialogues
Thailand Stages a Comeback Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Euro-Crisis: What It Means for High-Tech Firms Join EBN Editor in Chief Bolaji Ojo and Contributing Editor Jennifer Baljko on Thursday, July 12, at 10:00 a.m. EDT for a Live Chat on high-tech and Europe's economic difficulties.
Microsoft Surface: Potential Winners & Losers What are the implications for the electronics industry supply chain of Microsoft Corp.'s decision to launch its own tablet PC? Join industry veteran and EE Times' systems and OEM expert Rick Merritt on Tuesday, July 3, at 12:00 pm EDT for a Live Chat on this subject.
Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Peter Drucker famously said "Trying to predict the future is like trying to drive down a country road at night with no lights while looking out the back window." Yet in the razor's-edge world of electronics—with a lean supply chain and just-in-time demands—the need to know the future is vital.
While no one really can accurately predict the future, we can take guidance from another Drucker saying which is the best way to predict the future is to create it.
You've heard the saying "the No. 1 supply chain risk is your people." That hasn't always been the case. But today's complex global supply chain requires a new type of multitalented employee. It's one who understands, finance, marketing, economics, is savvy with technology, graceful with relationships and can think analytically.
Where are these people? Are universities properly preparing the next generation supply chain professionals? How do train your existing workforce for these new, demanding positions?
Brian Fuller, editor-in-chief of EBN, will lead a 60-minute Avnet Velocity panel discussion that will ask and answer these and other questions swirling around today's supply-chain talent challenges.
To save this item to your list of favorite EBN content so you can find it later in your Profile page, click the "Save It" button next to the item.
If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
