For better cybersecurity, think like a hacker



Image provided by Getty Images (Matej Moderc)

Business as it has always been done it is not the only way, nor even the best way. There is much to gain by observing surroundings and pondering the possibilities.


When you look at your own data security, think like a hacker. Understanding the value of your digital assets from that point of view can help boost your protection.

Famed bank robber Willie Sutton was asked why he robbed banks. His reply was, “Because that’s where the money is.”

Ask a hacker why he breaks into Chase, Business Wire or Ashley Madison and you’ll get the same answer.

So when you look at your own data security, think like a hacker.

The pot of gold reflects a mix of supply and demand, coupled with delay in being discovered.

Juicy information

While you don’t want your recipes, drawings, customer lists or new product plans to be stolen, industrial espionage has a small market. The names, Social Security numbers, bank account number, and 401(k) investment accounts of your employees are in worldwide demand.

You may well have outsourced payroll, and retirement plan administration, but you can’t outsource your obligation to your employees to take care of the personal information they have entrusted to you. Part of a robust supply chain supplier evaluation process should include protection of your data, and that includes professional services firms.

Is yours a CPA or financial planning firm? What a lovely target you are! Client confidential information sits in your systems, like money in a bank. If you don’t have some of the best data security systems available, the negative headlines, reputation carnage and client exodus are unfortunately all too predictable. I’m not even talking legal implications.

Business Wire and its competitors receive, among many less-alluring reports, earnings data before it is to be released to the public. Government statistics prior to their scheduled release could be of even greater value. Identity theft is one thing; using advance information for personal financial gain is another.

Protect yourself

Where all are your company financial accounts stored? How many of your suppliers have that, and how well do they protect it? Hopefully as well as you are defending the financial account information of your customers.

Whether you are a small financial services firm in a small town, or a huge international company with offices in every major city, a system reachable by the Internet can be used for significant gain is a prime target.

The less-confidential information of value to others you maintain, the less likely a skilled invasion will occur. Your system may get taken over for ransom, but that’s child’s play in comparison.

I’d like to believe that my readers don’t think like criminals, but I also believe that you know many people do. This is likely one area where you lack the expertise to be the best, so reach out to professionals who can protect that which is most important to you.