So much has been written about cybersecurity that it’s sometimes easy to forget exactly why it’s important in the first place.
Cybersecurity is important for two very human reasons:
- Our identities are increasingly online. From credit agencies to our workplaces and to the social media networks that we use every day, we are living online.
- The supply chains that keep us fed and clothed are all managed through information technology.
Last year, Risk Based Security reported that in the first six months of 2019, 4.1 billion records were exposed via data breaches. The impact of major data breaches involving organizations such as Equifax, Amazon, Marriott and Microsoft means something more than just having to change your password.
It means that individuals and groups are targeting the technology that, basically, defines and supports you in the modern world. They are targeting systems that contain your personal data. In other words, attackers worldwide are targeting you. That said, we must protect information systems.
Power, Presence and Privacy: Three Essential Factors
Information security is all about three factors: power, presence and privacy. Today’s tech is incredibly powerful. Just last year, the typical mobile device became more powerful than a traditional PC.
Additionally, tech is everywhere. We’re now wearing technology that has the ability to gather sensitive data wherever we go. Cybercriminals love to obtain this information. As a result, organizations that collect this data are held to strict standards.
Information: What’s at Stake
We love our Internet of Things (IoT) devices. But they gather sensitive information. Some of this information is called primary information, because it’s directly about you and your identity.
Examples of primary information include:
- Bank account information
- Credit card information
- Social security numbers
- Your weight
- Your purchasing choices
- And so much more
Combined, this is a recipe for identity theft.
This type of data is often referred to as primary data, or even personally identifiable information (PII). This data is captured, stored and processed. This processing is often called data analytics or business intelligence (BI).
Devices also capture indirect information about you, often called metadata. This data is the seemingly insignificant information you and your devices generate as you move from place to place.
Contact-tracing applications – which gained popularity amidst the COVID-19 outbreak – as well as typical mobile devices are all capable of capturing this metadata. Metadata can include the 4G cell phone towers and 5G devices that your mobile phone or smart watch has connected to, the ISP you are currently using and your location.
Each time you connect to a Wi-Fi hotspot, an organization is collecting data. The primary and secondary data you generate can all be crunched. This crunching allows organizations to make highly accurate guesses about your interests, future activities and even intentions. It’s up to cybersecurity professionals to ensure that this personal information remains private, secure and properly used.