- Smartphone smackdown: Storm vs. iPhone
- Cisco fights to keep No. 1 spot
- 10 IT security companies to watch
- Researchers take a step in quantum computing
- Making the Wi-Fi connection
Last week I was in Switzerland, presenting at a security event. About 150 executives from a number of European firms came together in the picturesque town of Montreaux to talk about information security. I spoke on the topic of identity theft, showing how the last six years show a remarkable transformation in the threat from reputation-seeking techies to profit-seeking professionals.
Consumer identities have become the new currency of cybercriminals. Like a form of cybercash, they are easy to trade, hard to trace and easy to exploit. Unlike their heavily protected “crown jewels,” many companies are cavalier with the personal data of their employees and customers. In many cases, identities are not only easier to steal but also much easier to fence to those who will exploit them. As the number of consumers affected skyrockets, is there a point where business as usual is no longer possible?
After all, what is the penalty for a company that loses its employee or customer data? Not much, really. The impact on reputation has been diluted by the sheer number of companies that have lost data. After a while, it’s not even newsworthy. For many industries there are no regulatory penalties, other than the cost of notification in those states that have sunshine laws (such as California’s SB1386). Credit card companies and banks consider fraud part of the cost of doing business, and pass that cost on to consumers in fees and higher interest rates. Rating agencies use identity theft mainly as a marketing message to sell protection to consumers from the vulnerabilities that they themselves have created through loose policies.
And what is the burden on consumers? In the best case, it’s the inconvenience of waiting while a new debit or credit card is ordered. More often, however, there’s money to be reclaimed, credit records to fix, lenders to contact and a six months’ ordeal of bureaucratic letter-writing. Some consumers have faced this multiple times, despite shredding, firewalls, antivirus protection and all their other efforts to protect their identity.
Back to the conference in Switzerland: The discussion of this topic had a very different resonance in Europe. Many attendees came up to me after the presentation to tell me about their own countries, where identity theft is not a big deal (yet). The reasons are a much smaller consumer-credit industry and tighter privacy laws. While their credit industry is growing fast, their privacy laws are getting stricter too.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment