<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">
Defrag This

| Read. Reflect. Reboot.

Data Theft? On the Internet, No Train Is Too Long to Rob

Rick Robinson| January 25 2017

| security

Your organization is not in the health care or financial sectors, so your data management is not subject to regulatory compliance audits. Your revenue model does not involve keeping a large customer account database, or managing a constant flow of credit card transactions. Or else your payments system is a separate standalone, not associated with your overall IT and data management operations.

So do you really need to worry about — and take special protective measures against — data theft?

A great many organizations, perhaps most organizations, find themselves wondering about this. They are not subject to specialized compliance rules, and the data they work with and store is not filled with the sort of personal identifying information (PII) that is a favored target of thieves.

The data railroad of your network may be a quiet branch, or it may carry a steady traffic of freight trains, but it doesn't carry high-value targets, virtual mail cars or payroll cars.

Fast Internet Connections Have Revolutionized Data Theft

But times have changed. In the bad old days, train robbers looked for compact, concentrated-value targets that made for a practical getaway. A trainload of beef on the hoof or metal ore might be worth more in total value than a payroll car. But they couldn't stuff it in some extra saddlebags, so they didn't try to steal it.

Data theft is different. Gigabytes of data — data by the trainload — can be carried off in minutes, which means that thieves are not limited to concentrated value, the cyber equivalent of gold bars. The cyber equivalent of a trainload of ore can be as good as gold, and easier to steal.

Related Article: Defrag This – Episode 3 – Our Data Dystopia 

Big Data Is Valuable Data

Not only is cyber ore easier to steal than the kind shipped in hopper cars, it is also easier to mine for the valuable stuff. What we call big data, or unstructured data, is essentially data in which the value is spread out, not concentrated into easily stolen nuggets.

But our ability to process big, unstructured files means that this spread-out value can be drawn out and refined rather easily. As noted at CSOonline, big data is helping us to improve data security, but it also broadens the range of theft-worthy data.

Email hacking, which played such a prominent role in the last election, is one now-familiar example of how modern processing of unstructured data has revolutionized data theft and data security. All of those old office memos and idle gossip stored in your email archives could turn up one morning on a hacker website, and ruin your organization's entire day.

But email is not the only type of big data at risk. Customers' social media postings on your website may contain no "secrets." But for cyberthieves, simply linking those consumers to your enterprise might help in teasing out insights that could be used to launch targeted spear phishing attacks, perhaps on your customers, perhaps on your employees who respond to customers.

In short, don't assume that your data is safe from cyber-thieves simply because it is not subject to regulatory compliance, or is not an obvious target such as PII. Your data has value that may not be immediately obvious but if stolen could subject your organization to losses or risks. Every possible data breach poses risks. All of your data deserves an appropriate level of security protection.

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Rick Robinson

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.