In today’s digital age, we cannot argue with the idea that the evolution of technology has contributed many conveniences to our day-to-day life. Online banking, the ability to access corporate data from smartphones, and e-commerce are just a few examples of how the digital evolution has changed the way we operate on a daily basis. While these conveniences have simplified our daily operations, have we taken a moment to think about the possible repercussions of exposing sensitive data on the internet? Just as the landscape of technology has changed, so has the landscape of cyber threats.
Today’s hackers are more sophisticated than ever, and can make over $1 million a year! Methods such as leveraging exploit kits to deliver malware, ransomware, Distributed Denial of Service (DDoS) attacks, and phishing attacks are just a few examples of how these hackers prey on their victims. Industry and the public sector are just as vulnerable as consumers who post sensitive data on the internet. As a result, regulations and standards such as PCI (Payment Card Industry) compliance, HIPAA (Health Insurance Portability and Accountability Act), and FIPS (Federal Information Processing Standard) are all examples of guidelines that companies in these various verticals must adhere to in order to protect sensitive data from being compromised. Each of these consists of a comprehensive checklist of requirements that companies must meet in order to pass their compliance audits. These standards evolve as threats evolve. They require industry to invest in IT security in order to protect customers’ sensitive data and to reassure customers that it cannot be accessed by an unauthorized source. IT departments must invest in various layers of security by implementing Next-Gen Firewalls, Next-Gen Intrusion Prevention System (IPS) solutions, encryption technologies, and VPN technologies, to name a few solutions. Why should companies care to invest in these technologies? A breach can not only cost a company millions of dollars, it can also bruise the company’s overall brand reputation and cause its stock price to go down.
From a consumer standpoint, we can take precautions to minimize our risk as well. Measures that can be taken include creating strong passwords, changing passwords frequently, not openly distributing bank account details, and checking credit card statements thoroughly. These measures will help prevent one from becoming the next victim of cyber-crime.
PCI Compliance Standards: https://www.pcisecuritystandards.org/
HIPAA Compliance Standards: http://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/
FIPS Compliance Standards: http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
Security Consulting Systems Engineer, Cisco Systems
Sangeeta Kodukula is currently a Security Consulting Systems Engineer at Cisco Systems. Other roles over her 10-year tenure at Cisco include supporting network management applications as a Customer Support Engineer in the Technical Assistance Center and selling Cisco’s technologies in the Dallas/Ft. Worth area as a PreSales System Engineer. She is a graduate of the University of Texas (B.S. in Electrical Engineering) and is a member of Women in IT, IEEE, and Society of Women in Engineering. She also mentors girls in high school and college to promote STEM development and careers for women in IT.