Tag: data breaches

04 Oct 2016

Encryption, Investment in Brand

Yahoo! announces 500 million breached.
Anthem confirms data breach, could impact millions.
DNC hacked.

What do these news headlines have in common?
Unencrypted Data, of course!

Last year, we saw a record-setting total of nine mega-breaches. Including, the world’s largest data breach ever publicly reported with an astounding 191 million records exposed!

While the cause of all data breaches vary, email is often the entry point for all manners of cyber-attacks. In fact, according to Echoworx research which polled 1,000 financial services professionals, 62% of the large corporations send unencrypted confidential information through open, unencrypted email channels.

“My data isn’t valuable to the hackers”
“I have nothing to hide”
“Encryption is too difficult”

Does this sound familiar?

According to Ponemon, 48% of organizations are challenged by the ability to deploy encryption effectively. In the past, encryption was difficult to deploy and it was not user-friendly. Services offered little support for mobile devices and required continual operating investments. But, times have changed.

Today digital business is reality. It is leading to changes in technology which is driving customer demand for security, trust, and seamless experiences. Clearly, a more adaptable approach to digital business communications is required.  At a recent security conference, Global CISO at Barclays stated “the road to a successful digital future leads through security.”

It is time that companies start treating encryption as an investment in their brand rather than treating data breaches as a cost of doing business. That’s why Echoworx, being a strong advocate of email encryption is sponsoring the ISE® Northeast Executive Forum and Awards Gala on October 4, 2016 at the Westin Times Square in New York City.

The ISE® Northeast Awards recognize the information security executives and their teams who have demonstrated outstanding leadership in risk management, data asset protection, regulatory compliance, privacy and network security. The awards are held in conjunction with a one-day Executive Forum including speakers, interactive roundtables, hot topic discussions, and an opportunity to meet with me.

Visit Echoworx during the Sponsor Pavilion and Dinner Buffet, between 6 p.m. – 7:30 p.m.

Echoworx’s OneWorld Enterprise Encryption, provides an adaptive, fully flexible approach to encryption that ensures the privacy of sensitive messages. Enterprises investing in the OneWorld platform, are gaining an adaptive, fully flexible approach to encryption, creating seamless customer experiences and in turn earning their loyalty and trust.

This is sure to be a great event and networking opportunity. Hope to see you there.

By Chris Grossi, Enterprise Account Executive, Echoworx

02 Sep 2016

Unencrypted Client Emails Imperil Outside Counsel to Breaches

In 490 BC, Ancient Greeks used a person to deliver a message during the Battle of Marathon. The Greeks had defeated the Persian army, but they were worried that the Persians, who retreated to the sea, would head to Athens to launch a new attack. The Greek army needed to send a message to Athens to tell them that Greece had won the battle but also to warn them that Persia may try to attack again. Pheidippides was given the job to run 26 miles to Athens to give the news. Pheidippides ran to Athens in about three hours and was so exhausted, however, that he delivered half the message and died.

Today, the Outside Counsel is the Greek Army; its clients are the people of Athens, cybercriminals are the Persian Army, and Pheidippides’ death is unencrypted emails. In retrospect, running such long distances was not the best way to communicate messages. Similarly, unencrypted emails are just as risky.

Unencrypted attorney-client emails expose law firms to an array of threats, including cyberattacks on their server, data breaches and unauthorized use of confidential content. Once the cybercriminals gain access to attorney-client emails, they can collect enough data to launch more sophisticated phishing attempt. The law firms have little control over pushing clients to underpin the vulnerabilities of their email security system. Ergo, the responsibility of securing email communications falls on law firms’ shoulders. When securing emails, encryption would seem like the first go-to defense. But many often shun the technology, because traditionally it has been thought of as very clunky to implement.

To this end, Echoworx has a solution that will make sure that all emails leaving an organization are scanned for sensitive information, and just what is sensitive information is left up to the law firms to decide as specified by Jacob Ginsberg, senior director at Echoworx.

legaltech

Echoworx believes in strong cyber security, preserving privacy rights, and the expectation of secure digital communication. Its email encryption software, OneWorld Enterprise Encryption helps firms from all industries to secure information and communication in and outside of their enterprise. To know more about strong email encryption, the risks associated with weak B2C communications,  and why encryption is a must for your company:

  • Download our REPORT  | Fraudsters, Hackers & Thieves!
  • Download our DATA SHEET  | OneWorld Enterprise Encryption

By Alex Pajiltsev, Enterprise Account Executive, Echoworx

09 Aug 2016

Fraudsters Hackers & Thieves!

It’s official: Most consumers do not feel like their private data is indeed being kept private.

Looking around at the headlines, where high-profile breach after high-profile breach is documented, the lack of trust in data security is no surprise. Whether it be through a corporate breach, where consumers’ confidential information is revealed as part of thousands of records stolen or inappropriately handled, or an attack that they themselves initiate via inappropriate use of their personal computer or mobile phone, or anything in between, breaches have caused consumer distrust to become rampant when it comes to whether or not their personal information is being kept safe. This is hammered home in a recent Global Survey on Internet Security and Trust report from CIGI-Ipsos, in which only 38 percent of consumers surveyed trusted that their activities on the internet are not being monitored.

Consumer distrust grows

Stop for a moment and think about how much of our lives are now conducted online, or are connected in some way. When you wake up in the morning, you likely check personal and perhaps work email from a tablet or mobile device. You might update Facebook, Instagram or Twitter. You may ask your Amazon Echo what the weather and traffic is like on your way to work. You might place a grocery order online, or order a new supply of toilet paper. On the ride into work, you might use a Bluetooth headset to listen to voice mails or catch up on the day’s headlines. When a large majority of our everyday life is conducted online, how did the industry get to a point where the consumers who have bought into this “connected vision” don’t feel safe being online?

Symantec conducted a survey on privacy within the European Union, and found that 59 percent of respondents have experienced a data protection issue in the past. Reported issues included being notified of a data breach by a company that had access to some of their personal information, having an email or social media account hacked, having bank details stolen, being a victim of online identify theft, getting a computer virus, or responding to an online scam or fake email. Overall, 57 percent of respondents reported being worried that their data is not safe.

The National Telecommunications & Information Administration (NTIA) in May released a report that correlates how connected we are online with a higher risk of data breaches. The report found that while 9 percent of online households that used just one type of computing device (such as a desktop, laptop, tablet, Internet-connected mobile phone, wearable device, or TV-connected device) reported a security breach, 31 percent of those that used at least five different types of devices reported a breach.

Opting Out

Furthermore, there is a potential economic impact to consumers’ distrust. The report also found that consumers are so concerned with privacy and security on the Internet that their household opted out of participation in certain online activities. Forty-five percent of online households reported that these concerns stopped them from conducting financial transactions, buying goods or services, posting on social networks, or expressing opinions on controversial or political issues via the Internet, and 30 percent refrained from at least two of these activities. In households that experienced a breach, these percentages are even higher.

This fear and distrust is not without good reason. In Symantec’s April 2016 Internet Security Threat Report (ISTR), the security firm estimated that if all breaches that occurred in 2015 reported the number of consumers worldwide impacted, it would total an estimated half-billion people.

exposed

Financial information such as credit card numbers are still coveted information, although their per-card value is going down and their shelf life is short since credit card companies and credit card owners are using technology to shut down fraudulent transactions quickly. Instead, the new sought-after information is information from insurance, government and healthcare organizations that is being targeted. The more details someone has about an individual, the easier it is to commit identity fraud, and targeting these groups provides more complete profiles of individuals to criminals. Real names are still the most common (78 percent) type of information exposed, according to the ISTR, followed by home addresses, birth dates, Government IDs (such as Social Security numbers), medical records, and financial information.

Businesses can and should be doing much more to secure customers’ private and oftentimes sensitive information, reducing the risk for everyone. History has shown that when encryption solutions—including email encryption—are deployed properly, they work well. But communications with customers requires a different set of criteria than internal communications or communications with partners. User experience is key, according to a recent research note from Gartner, consumers are likely to resist the installation of third-party software or apps on their devices to access secured content.

In summary, consumers today have become much more discerning about their online activities, and know controlling their online activity plays a role in helping protect their privacy. However, the organizations they do business with need to take the security of customers’ private data just as seriously, and invest the time, effort and budget into ensuring its safety.

By Greg Aligiannis, Senior Director of Security at Echoworx

Sources:
CIGI-Ipsos Global Survey on Internet Security and Trust
Symantec State of Privacy Report
U.S. Census Bureau NTIA Computer and Internet Use Supplement
Symantec Internet Security Threat Report Vol. 21
Gartner Guide to Email Encryption

09 Aug 2016

Fraudsters Hackers & Thieves!

It’s official: Most consumers do not feel like their private data is indeed being kept private.

Looking around at the headlines, where high-profile breach after high-profile breach is documented, the lack of trust in data security is no surprise. Whether it be through a corporate breach, where consumers’ confidential information is revealed as part of thousands of records stolen or inappropriately handled, or an attack that they themselves initiate via inappropriate use of their personal computer or mobile phone, or anything in between, breaches have caused consumer distrust to become rampant when it comes to whether or not their personal information is being kept safe. This is hammered home in a recent Global Survey on Internet Security and Trust report from CIGI-Ipsos, in which only 38 percent of consumers surveyed trusted that their activities on the internet are not being monitored.

Consumer distrust grows

Stop for a moment and think about how much of our lives are now conducted online, or are connected in some way. When you wake up in the morning, you likely check personal and perhaps work email from a tablet or mobile device. You might update Facebook, Instagram or Twitter. You may ask your Amazon Echo what the weather and traffic is like on your way to work. You might place a grocery order online, or order a new supply of toilet paper. On the ride into work, you might use a Bluetooth headset to listen to voice mails or catch up on the day’s headlines. When a large majority of our everyday life is conducted online, how did the industry get to a point where the consumers who have bought into this “connected vision” don’t feel safe being online?

Symantec conducted a survey on privacy within the European Union, and found that 59 percent of respondents have experienced a data protection issue in the past. Reported issues included being notified of a data breach by a company that had access to some of their personal information, having an email or social media account hacked, having bank details stolen, being a victim of online identify theft, getting a computer virus, or responding to an online scam or fake email. Overall, 57 percent of respondents reported being worried that their data is not safe.

The National Telecommunications & Information Administration (NTIA) in May released a report that correlates how connected we are online with a higher risk of data breaches. The report found that while 9 percent of online households that used just one type of computing device (such as a desktop, laptop, tablet, Internet-connected mobile phone, wearable device, or TV-connected device) reported a security breach, 31 percent of those that used at least five different types of devices reported a breach.

Opting Out

Furthermore, there is a potential economic impact to consumers’ distrust. The report also found that consumers are so concerned with privacy and security on the Internet that their household opted out of participation in certain online activities. Forty-five percent of online households reported that these concerns stopped them from conducting financial transactions, buying goods or services, posting on social networks, or expressing opinions on controversial or political issues via the Internet, and 30 percent refrained from at least two of these activities. In households that experienced a breach, these percentages are even higher.

This fear and distrust is not without good reason. In Symantec’s April 2016 Internet Security Threat Report (ISTR), the security firm estimated that if all breaches that occurred in 2015 reported the number of consumers worldwide impacted, it would total an estimated half-billion people.

exposed

Financial information such as credit card numbers are still coveted information, although their per-card value is going down and their shelf life is short since credit card companies and credit card owners are using technology to shut down fraudulent transactions quickly. Instead, the new sought-after information is information from insurance, government and healthcare organizations that is being targeted. The more details someone has about an individual, the easier it is to commit identity fraud, and targeting these groups provides more complete profiles of individuals to criminals. Real names are still the most common (78 percent) type of information exposed, according to the ISTR, followed by home addresses, birth dates, Government IDs (such as Social Security numbers), medical records, and financial information.

Businesses can and should be doing much more to secure customers’ private and oftentimes sensitive information, reducing the risk for everyone. History has shown that when encryption solutions—including email encryption—are deployed properly, they work well. But communications with customers requires a different set of criteria than internal communications or communications with partners. User experience is key, according to a recent research note from Gartner, consumers are likely to resist the installation of third-party software or apps on their devices to access secured content.

In summary, consumers today have become much more discerning about their online activities, and know controlling their online activity plays a role in helping protect their privacy. However, the organizations they do business with need to take the security of customers’ private data just as seriously, and invest the time, effort and budget into ensuring its safety.

By Greg Aligiannis, Senior Director of Security at Echoworx

Sources:
CIGI-Ipsos Global Survey on Internet Security and Trust
Symantec State of Privacy Report
U.S. Census Bureau NTIA Computer and Internet Use Supplement
Symantec Internet Security Threat Report Vol. 21
Gartner Guide to Email Encryption