David Sable Asks, “Are We Prepared to Protect Ourselves Against the Next Great Hack?”

  • By digitaldiary
  • in
  • on January 14, 2021

As originally published by David Sable on Linkedin. Subscribe to the newsletter!

2017 was an epic year for cybersecurity disaster. It also marked a turning point in hacking. No longer were the targets individual corporations that fell victim to relentless attacks that ultimately breached even the most up-to-date security walls, or the sneak intrusions via holes in company software systems. Ransomware was small potatoes now. Sure, there were individual hackers and attackers more than happy to cause chaos for a big payday, but by 2017, the game had changed—as had the targets.

Damage, great damage, was the goal. Not just chaos but destruction. Mayhem. The individual hackers we have gotten to know and love via movies and TV were now whole countries bent on sowing discord, fear and paranoia in other governments. Still movie-like but more “evil empire” vs “kid on a skateboard with a hoody and PC in tow.”

The “elegance” of the 2017 big hack, as one cybersecurity expert (himself, a reformed hacker) explained to me, was that it wasn’t a frontal assault. No one could have seen it coming or detected it, as it was embedded in the software and services that were routinely shared, server to server, across the world by a financial service provider. An outsourced resource. Initially, companies spun in circles for days thinking it was ransomware, but soon, its evil intent became clear, as fried servers and laptops were junked across the globe and as Ukraine, the clear target, ground to a halt.

Fast forward to today.

SolarWinds, a dominant provider of IT infrastructure technology, whose products monitor and manage network, system, desktop, application, storage and database and website infrastructures, told analysts in October, “There [is] not a database or an IT deployment model out there to whom [we don’t] provide some level of monitoring or management.” On December 19th, SolarWinds reported that it had been hacked. The company has yet to ascertain the true damage done to its clients (many of whom are U.S. government agencies) and their client’s clients in chain after chain of potential breach.

In all fairness to SolarWinds, they are far from the only firm to be left completely vulnerable by difficult-to-detect hacks. FireEye, one of the leading global cybersecurity solution firms, is looking for a solution to the hack it sustained earlier this year, almost certainly by Russia, and is advocating for a strong U.S. government response to such attacks…I imagine because they are no longer as confident as they once were about providing ironclad security.

What really sets me off about the revelation of these hack attacks, is the feigned surprise of the companies, of the media, of our government, as if they have never before seen a supply chain hack or entertained the idea that an evil empire might target our corporate and government infrastructure.

This has happened before and it will happen again.

As that reformed hacker taught me in 2017, there is nothing that is hack proof. Nothing at all. Yes, we need to protect ourselves the best we can, but we must also understand that anything can be hacked. His view? Recovery is the critical issue. What is our corporate/governmental plan to get back on track? To have your systems up and running? To limit the damage?

And yet, as I read about the responses to our latest data disasters, I am concerned that we are not focused in the right areas.

No doubt, some of you are asking why I’m writing about data breaches. I’m a marketing person, not a techie…so here goes: my view is that we are not asking the right questions, nor are we focused on serious game-changing moves that could mitigate the next breach, which will come. We are asking the wrong questions and have yet to adopt the “we will get hacked” ethos. As a result, we are unprepared for large scale responses to data hacks when they come.

But now, let me go into full marketing mode and suggest a radical agenda that won’t prevent hacks but that will make their aftermath less severe.

From our marketing perch, we need to completely rethink the use of data in our industry and, most importantly, the types of data we keep and collect, especially as we know that even randomized data can be un-spun and made specific.

Do we really need your passport to provide a better check-in experience? Must I keep your credit card to eliminate friction? And how about your e-mail, land address and phone number?

Why do we let Facebook, Google and others vacuum hose our usage data and then sell it like it’s their own? Why do we give access to our systems and devices for more data sucking, which in return, we supposedly get better targeted advertising? Is that a legitimate value exchange, when they make billions and we get ads?

As marketers, our job is to help our clients, use insightful user data to create, develop, refine and distribute the kind of products and services that make a difference, an impact on their clients/users/costumers/consumers lives. It’s not to fund giant media machines that grind us all to bits and bytes and then wring their hands when our identities are stolen, or our accounts viciously hacked.

I’m guessing that corporate boards, governments and others involved in the chain of serious governance will keep their eye on the big picture.

But, my readers, it is up to us to change the game where we can. To be bold. To be creative. To innovate not in how to get more data out of all, but how to do more with less. Make the stored data less valuable/ less important and the impact of hacking will be greatly minimized.

One final thought. Brittany Kaiser was the former biz dev head of Cambridge Analytica. You can read all about her and take, like I do, her protestations with a grain of too little, too late salt. But given her pedigree, and what she has seen and done, her insight is invaluable and critical to study.

She said:

“If we want protection, we need to start thinking of our data as our property, because if no one has noticed, property is held up and protected legally.”

And that’s it. It’s your data, no one else’s. If you want my data, there is a price. Let’s start to demand accountability and legal protection.

What do you think?

Leave a Reply

PUBLISHED BY digitaldiary

View all posts by digitaldiary

Related Posts

CIO , Data

Missed the Digital Enterprise & Data Transformation Assembly? We’ve Got You Covered!

Last week, data and technology’s leading CIOs, academics, and thought leaders came together for our Digital Enterprise CIO & Data Transformation Assembly to discuss digital transformation and the future of IT. In case you were unable to join us, check out our event highlights below! Opening Keynote Address Day one kicked off with an opening […]

#MillenniumLive , Podcast

Listen to #MillenniumLive on Amazon Music!

2021 has been a year of milestones for our #MillenniumLive podcast – we released on Spotify, recorded our 100th episode, and we were joined by some of the most influential guests to date. Now we’re thrilled to announce that #MillenniumLive is available for listening on Amazon Music! Haven’t listened to our podcast before? Here’s the […]

#MillenniumLive , CIO , Data , Podcast

#MillenniumLive Episode: Getting Started on your Data Journey with Joe DosSantos from Qlik

This week #MillenniumLive welcomes back Joe DosSantos, the Chief Data & Analytics Officer at Qlik. Joe gives some insight on offensive vs defensive data strategies, the importance of data accessibility, and provides tips on starting your analytics journey. He emphasizes the importance of understanding what your data is, tagging it, organizing it, and making it […]

Healthcare

Experiential Retail: A Post Pandemic Guide

Contributed by our partners at AnyRoad Brick-and-mortar retailers saw significant reductions in foot traffic last year while e-commerce sales peaked in Q4 2020, but a natural balance is slowly returning as the pandemic subsides and competition among retailers is tougher than ever. As things open up, some brands (such as Home Depot, Williams Sonoma, etc.) […]

Lovin’ Digital Diary?

Premium content to our readers interested in all things business.

Check Us Out!

Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.

About Millenium Alliance Next

About Digital Diary

Created to provide premium content to our readers interested in all things business.

Launched in 2017, Digital Diary was created to provide premium content to our readers interested in all things business. With our blogs catered to deliver the top news stories, trends, and interviews from across all industries.

Read all story Next

Millennium Alliance Membership

Learn More Next

What does it mean to be a Millennium Member? In the midst of the constant disruption across all industries, our members are given the tools they need to digitally transform their organizations and become the best leaders they can be. Millennium Members are provided the exclusive opportunity to attend our 40+ intimate in person and virtual Assemblies, take part in industry-leading Executive Education sessions conducted by the nation’s leading academic institutions, business leaders, and technology providers and receive industry leading content through our Digital Diary Platform as well as the rapidly growing #MillenniumLive Podcast Series.