As cyber attacks have become more prevalent, piles of company information and client data is stolen each year.
In 2014, over 700 million records were stolen. The threat of the attacks has become almost ordinary. Many companies that hold sensitive data don’t even do the bare minimum to protect it from hackers. They don’t encrypt the data, leaving it open for adversaries to exploit.
Although it’s clear companies need to encrypt data further to stop hackers, right now, governments are trying to stop them from doing it. The US and UK governments are threatening to ban encryption, because they say having access to data will help to thwart terrorist attacks or other serious crimes. In this article, we speak to the growing frequency of cyber attacks, while arguing that companies have a duty to encrypt data and provide security to protect customer’s personal data from being compromised, even if it seems it could disrupt national security.
Security breaches and data compromised
According to The 2015 Information Security Breaches Survey, 90% of large companies in the UK reported some form of security breach, up from 81% last year. A report from the Identity Theft Resource Center found 781 breaches in the US, which is the second highest number of attacks since it began tracking in 2005.
Each year, a number of high-profile scandals arise in which customer and internal records are lost, employee records are compromised, or customer data is stolen.
In June 2015, the United States Government Office of Personnel Management fell victim to data breach, exposing the sensitive information of 22.1 million people. This was the second data breach in 2015; earlier, 4.2 million employees’ data was stolen. US officials said the hackers not only accessed personal records of employees, but also the information of people they listed as references for some of the most secretive jobs in the government, a huge concern for national security.
Telecommunications have frequently been targeted by hackers, too. In October 2015, hackers stole personal information of 15 million T-mobile users who had applied for their service.
Read More: Giving up the last stronghold: the IoT, ransomware and your home
The same month, British telecommunications company TalkTalk was hacked and 157,000 customers’ information was stolen. The hackers demanded ransom from the company.
Encryption is something communication companies need to offer
Companies have a duty to encrypt their data. It’s the best way to achieve data security because hackers can’t access it. To read encrypted information, someone must have a password to decrypt it and turn it to plain text.
It’s a treasured tool to protect data, but many companies don’t utilize it.
According to a Sophos survey, half of larger organizations (501-2000 employees) encrypt extensively. But only 38% of smaller organizations (100-500 employees) do. Even TalkTalk admitted to not having their data encrypted. But why didn’t they?
Sophos cites lack of budget, performance concerns for users, and lack of encryption knowledge as the top three reasons. Encryption has a reputation for being expensive and complicated, but finding the right IT partner to help companies through the process will help them to navigate smoothly, recommends the survey.
Government operations versus encryption
Although this lack of encryption is concerning, there are large corporations who take encryption seriously. Apple, Microsoft, and Google encrypt many products automatically, a move made following Edward Snowden’s NSA revelations.
But, law enforcement and governments aren’t having it.
A bill in New York wants to ban the sale of encrypted smartphones that can’t be unlocked by manufacturer to make it easier for law enforcement to access data on smartphones and thwart terror attacks. A bill in California calls for the same, but their reasoning is to fight human trafficking.
A UK bill nicknamed Snooper’s Charter wants to make it legal for police to track online activity through platforms like email, WhatsApp, and Skype. It will also make it illegal for telecommunications companies to not hand over user data to police or government. Additionally, staff at social media companies could get up to 2 years in jail if they let their customers know they are being surveilled.
Microsoft, Twitter, Apple, Yahoo, and Google sent a letter to Home Secretary Theresa May saying they would oppose the UK bill.
“Now, we have a deep respect for law enforcement, and we work together with them in many areas, but on this issue we disagree. So let me be crystal clear — weakening encryption, or taking it away, harms good people that are using it for the right reasons,” said Apple CEO Tim Cook at an Electronic Privacy Information Center event in 2015.
“And ultimately, I believe it has a chilling effect on our First Amendment rights and undermines our country’s founding principles.”
Read More: Apple won’t comply with FBI to create backdoor to iPhone security
As governments pressure leaders from the Silicon Valley to fork over information in the interest of national security, the NSA has a surprisingly positive stance on encryption.
NSA Director Adm. Mike Rogers says end-to-end encryption is necessary for the future of America, arguing that whether or not we should do away with it for the sake of national security is a waste of time.
“So what we’ve got to ask ourselves is, with that foundation, what’s the best way for us to deal with it? And how do we meet those very legitimate concerns from multiple perspectives?” he said to the Washington D.C. think tank, the Atlantic Council. “We’ve got to meet these two imperatives. We’ve got some challenging times ahead of us, folks.”
The future of encryption
Security has become more imperative than ever. Businesses, however, aren’t always able to keep up with their growing use of tech, leading them to lag behind in encrypting data, even if they have good intentions.
According to the same Sophos Survey mentioned earlier, 97% of organizations polled already use encryption to some degree, or plan to implement it in the future. 69% plan to do it in the next 1-2 years, and only 5% of companies think they don’t need to.
The numbers are promising, and show that businesses see a need for encryption (although maybe not an urgent one), but we’ll have to wait and see if companies’ intentions develop into actions, fulfilling their duties of encrypting data to protect both customer, employee, and company data from being compromised.
Nicholas Kyriakides is the Co-founder and Chief Operating Officer at netTALK. He is also an adjunct faculty member in the business school at Miami Dade College and Broward College. NetTALK allows for free Duo-to-Duo international calling.
Five years ago, Frank Chen posed a question that has stuck with me every day…
What happens when the world's richest man gets caught in the crosshairs of one of…
As companies that operate large vehicle fleets make the switch to electric vehicles (EVs), a…
A predictive government utopia would be a dystopian nightmare for constitutional republics: perspective Predictive government…
The finternet will merge into digital public infrastructure where anonymity is abolished, money is programmable…
After more than ten years on Elance / oDesk / Upwork, I dare to say…
View Comments
Excellent article and very informative. We as consumers must take an active roll in demanding companies use the technology to protect our information. There's really no excuse for all this cyber terrorism, because the technology is available to thwart. They must step up and begin implementing it, especially our government!
Your story was really infmaortive, thanks!
I tell you one thing I’m looking forward to — Mitt’s acceptance speech. This thing is going to be the most epic display of oratorical incompetence ever seen in the Western World. My guess is that it will shock in its total lack of ability to deliver an iota of inspiration. People will be shaking their heads in total disbelief.
I love French Dip sandwiches. You're right it would be a great way to use up leftover beef. This is the week of leftovers around here. Thanks, Mary. Take care.
It sounds like your detox is going well. As a nurse I recommend that you are careful with your water intake, because it place your electrolytes at dangerous levels. Try not to force your self to drink alot of water. I don’t mean to scare you.
"That's what you're advocating, juandos. This is one concept that has remained historical in the US for a non-political reason."...I see what your problem is sethstorm, your command of the English language is more than a bit 'iffy' at best...BTW even at the turn of the century there was NO ONE holding a gun to the head of parents and forcing their kids to work in these shops in the United States...Oh, one more thing, are there laws in these third world countries mandating child labor? If so name off a few (credible links would help your case)...
That insight's just what I've been looking for. Thanks!
first-rate write-up…Magnificent goods brought on by most consumers, humanity. I’ve come with an awareness of those items before along through the use of you’re easily concurrently incredible. I easily really judgemental for whatever you may have acquired within, really …
Hi right now there! I’m in the office browsing your site from my personal new iphone! Just planned to say I really like reading your blog and enjoy all your posts! Keep in the superb perform!
transferred the list in its entirety, please keep in mind that only those submissions that fulfill both requirements will be included in the draw. Thank you for taking part and good luck my