Actu
Arrogant organisations are pulling the wool over their customers’ eyes, according to Simplexo
September 2012 by Simplexo
Customers and end-users are having the wool pulled over their eyes by organisations that fail to report data breaches, according to Simon Bain, CTO of Simplexo.
The EU has recently called for businesses and governments to be more transparent when they suffer data breaches, in response to reluctance from firms willing to reveal when they’ve been the victim of cyber crime. The call was made by ENISA, the EU’s information security agency.
In the report ENISA stated: "Lack of transparency and lack of information about incidents makes it difficult for policy makers to understand the overall impact, the root causes and possible interdependencies. It also complicates the efforts in the industry to understand and address cyber security incidents. And finally, it leaves customers in the dark about the frequency and impact of cyber incidents.”
In light of this Bain commented: “The EU is spot on with its comments. Firms are becoming too arrogant and pigheaded to admit when they are in the wrong.
“In their eyes as long as the product works the customer doesn’t need to know about the dirty little secrets which go on behind the scenes – firms are simply happy to pretend everything in the garden is rosy when vast amounts of evidence is available to prove otherwise.
“By taking this approach these companies are in fact doing their customers a major disservice. After all you would not leave a member of your family in the hands of a stranger unless you had complete faith and trust in that person. Why would you not do the same with your medical or financial history? Organisations who hold information on us do so on the basis of trust and when that is broken the damage is done.”
“Ultimately a serious dose of reality is needed. Hacking and security breaches are not going away and they are here to stay. It’s up to us to implement measures to act and prevent this. Brushing under the carpet and staying hush-hush is nothing short of foolish. Businesses need to sit up and take notice of data breaches. For example, there is far too much reliance on firewalls and token-based authentication tools, which offer scant protection from hackers.
Bain concluded: “The key in all of this is getting firms to pull their heads out of the sand. Hackers are more highly skilled than ever with breaches becoming more complex. In order to meet these challenges head on transparency is essential. By acknowledging and sharing information, organisations will be able to gain better understanding of malicious attacks and also evaluate what can be done to ensure the safety of customer data. For those that don’t you’re not only risking your customers livelihood, you’re risking your own as well.”
