Cyber-security is serious business for modern companies across the spectrum.
Celebrities and politicians aren’t the only ones being hacked and publicly embarrassed, CEOs and other influential company leaders are under the hacker microscope today as well. Although hacking groups like Anonymous have claimed responsibility for some of the more recent politically motivated attacks, other intrusions with less clear motivations are being traced back to foreign nations.
For example, last month’s admission of a data breach at Yahoo! that began in the fall of 2014 was reportedly the work of Russian hackers trying to break into email accounts. Ultimately, over 500 million usernames and passwords ended up being swiped. Russia has also been implicated in hacks of email and documents belonging to billionaire George Soros’s Open Society Foundation, as well as those of retired U.S. Air Force General Philip Breedlove and former chairwoman of the Democratic National Committee, Debbie Wasserman Schultz.
Who’s to Blame?
North Korea has been blamed for leaks of information stolen from servers at Sony Pictures that painted co-chairman Amy Pascal in a negative light.
Of course, the tiny nation denies these charges. Even though hacking is an incredible risk for big businesses with secrets just as much as it is a risk to national security, corporations are starting to do better to protect themselves. The problem with email, according to security consultant Ryan Lackey in an interview with the Wall Street Journal, is that “it’s a 35-to-40-year-old system that does not have security built in from day one. You’re basically putting the most secure data into a system that was never built for it.”
The solution businesses are coming to, often independently, is to do less with email and more in person. If an executive needs to shoot off a memo about the company dress code or an employee has to ask a simple procedural question, email will fill the bill, but communications should be formal, basic and bland.
Secure data should be taken to a secure platform, handled over the phone or in person—these may be the only ways to keep hackers out of important company documents. Until email systems are better, the information that’s transmitted across them should be treated as if someone else is reading it, because they might be.