Monday, August 1, 2011

Omnipotent Hackers - A Second Threat

In a recent Information Week article - Omnipotent Hacker Myth Lets Business Off The Hook - Andrew Conry-Murray explores the ramifications of hackers' growing aura of invincibility.

More and more, hackers are seen as uncontrollable:

News coverage has portrayed hacker groups ... as capable of striking down mighty (though mortal) targets at a whim, including law enforcement, three-letter government agencies and major corporations.

The result:

...if the hackers are portrayed as omnipotent, companies will take even less responsibility for protecting ... information

...if the public sees intrusions as unstoppable acts, how can it blame the victim?

...Companies have always weighed the costs of security against those of a potential breach, but in an era of omnipotent hackers, the balance shifts. The thinking becomes: Do I want to A) spend lots of money on security with no guarantee of protection, or B) put that money elsewhere and risk an intrusion? If you know an intrusion isn't going to cost you customers, option B becomes more palatable.

No comments: