Tag

privacy

Browsing
Get started on your cybersecurity degree at American Military University.

By Susan Hoffman
Contributor, InCyberDefense

These days, it’s very difficult to maintain the privacy of your digital data and still remain a part of modern society. Social media sites, for instance, insist on collecting personally identifiable information (PII) such as our names, birth dates and email addresses. Similarly, companies commonly collect other information — such as credit card numbers, bank or credit union account numbers, and medical records — which are stored in large cloud databases that are potentially vulnerable to skilled attackers.

By now, we’ve all become accustomed to giving up at least some of our digital data. Providing our personal information through online portals enables us to accomplish tasks such as making online purchases, creating social media accounts and accessing our health information.

But what if that information was used to publicly shame us or as evidence in a criminal case? Would we be as willing to provide it to companies?

Giving Information and Images to Online Sites Is Now Routine

Most computer-savvy users are aware that they should be cautious about what information and images they put online. For instance, workers have been fired for providing proprietary information and making uncomplimentary remarks about clients or coworkers. In one case, a simple tweet created a public relations disaster due to its racist content.

Even images — whether they are yours or taken by someone else without your permission — have the potential to cause public embarrassment. A photo with less-than-savory content uploaded by one of your Facebook friends has the potential to spread to your family, friends or coworkers; it can even go viral.

If you’re planning to interview for a job, it is also wise to clear up your “digital dirt” prior to applying for the position. Some human resources personnel may investigate your online activities, which could factor into their decision whether or not to move you forward in the hiring process. According to CareerBuilder, “70 percent of employers use social media to screen candidates before hiring.”

Ashley Madison Hack Reveals Dangers of Losing Control over Your Personal Information

In 2015, Ashley Madison, an online dating service for extramarital affairs, suffered a massive attack from a hacktivist group called The Impact Team. Ruby Life Inc., the company behind the Ashley Madison website, ended up with around $30 million in fines and has become a textbook case of security management failure.

Users of the Ashley Madison site suffered the embarrassment of having their names, credit card numbers, email addresses and sexual preferences published publicly on Pastebin. The hack also triggered divorces, job terminations, resignations and two suicides.

Digital Information Also Used for Committing Crimes

Digital information has also been used to commit crimes. For instance, revenge seekers might post online the personal information of law enforcement officers, a crime known as doxing. In addition, individuals, especially those who are high-profile business and government leaders, have been the victims of this type of crime.

Cloud Computing Has Made Our Digital Data More Vulnerable

Cloud computing has been a boon to many people, but it has also increased our vulnerability to attackers. Digital data stored in cloud databases is susceptible to both internal and external threats such as a revenge-minded ex-employee or an attacker who has become an advanced persistent threat.

Ultimately, we have to trust the guardians of our digital data to do their jobs. However, we should also exercise caution whenever we provide personally identifiable information and know how that information is going to be used.

As Timothy Morrow notes in the Software Engineering Institute’s Network Security Blog, “Some aspects of security remain the sole responsibility of the consumer. Effective cloud security depends on knowing and meeting all consumer responsibilities. Consumers’ failure to understand or meet their responsibilities is a leading cause of security incidents in cloud-based systems.”

As we grow older, we should be thankful for the growth of medical technology. New devices on the market expand healthcare providers’ capability to treat patients. These new products range from insulin pumps and home safety equipment to blood pressure rings.

On the cyber defense and cyber security professional development front, Tirpwire published The Top 13 Information Security Conferences of 2017 by David Bisson.  This is critical for federal government, military and commercial cyber defenders to plan  professional development conference attendance. (Budget authority and planning is critical for military and federal government planning due to the long timelines required for approval.)

Ten years ago today, the Senate Judiciary Committee convened a hearing to learn what a small group of military intelligence analysts had discovered about the world-wide reach of Al Qaeda and its affiliations prior to 9/11. This first hearing focused on what is known as the Able Danger program, which was the first significant data mining operation that successfully harvested and visualized massive amounts of data. Erik Kleinsmith, who was the senior military member of the Able Danger analytical team, shares lessons learned from this program as well as the ongoing challenges faced by intelligence analysts.