Digital4nx Group, Ltd.

  • About Us
    • Who We Serve
    • Close
  • Digital Litigation Support Services
    • Digital Forensic Investigations
    • Electronic Discovery Hosting, Consulting, and Advisory
    • Early Case Assessment
    • Expert Witness Testimony
    • Close
  • Cyber Security Services
    • Advanced Ethical Hacking
    • Vulnerability Assessment
    • Post-Breach Incident Response
    • Cyber Awareness Training
    • Cyber Risk and Compliance Assessment
    • CISO-As-A-Service
    • Close
  • News and Case Studies
  • Events
  • Contact Us
    • Subscribe to Newsletter
    • Close
You are here: Home / Announcement / Why doesn’t data security get the respect it deserves?

Why doesn’t data security get the respect it deserves?

July 27, 2017 by Rob Kleeger

Data breach “horror” stories have become a new staple in today’s business environment. The frequency of attacks which threaten (or compromise) the security of business networks and information systems continually increases.

Wells Fargo accidentally leaked thousands of sensitive documents, but not in the sophisticated way it’s often in the media. The bank wasn’t hacked, and its computers weren’t encrypted by Ransomware.

A lawyer representing Wells Fargo in a lawsuit has to now explain how she inadvertently turned over confidential information about thousands of bank clients.  She just inadvertently sent 1.4 gigabytes of files to a former financial adviser who subpoenaed the company as part of a lawsuit against one of its current employees.  The data set includes at least 50,000 customers’ names, Social Security numbers and sensitive financial info according to The New York Times, which confirmed the contents of the documents, the affected clients are some of Wells Fargo’s wealthiest, with investment portfolios worth tens of billions of dollars.

Will the NJ based law firm have potential liability exposure to it’s lawyers?

Only time will tell.

Judges in New York and New Jersey have issued orders barring further release of the documents, requiring the plaintiff to delete any document copies, and requiring the plaintiff to give the digital file to the court for safekeeping.

For nearly two decades, I have been assisting businesses of all sizes dealing with ESI (Electronically Stored Information) being misappropriated, lost, stolen, or spoliated.  Over 50% of the cases deal with theft of trade secrets, restricted covenant and non-compete’s, spoliation and within the past decade data breaches.

Seventy-four percent of organizations felt vulnerable to insider threats, while almost half of surveyed security professionals said that insider risks had increased in the past year, resulting in greater rates of stolen data and security breaches. (Source : A recent industry study by Delta Risk).

The business sector continues to have the highest percentage of total breaches reported — 54.7 percent at the six-month mark.

NOTE: I SAID REPORTED! 

MUCH OF THE MEDIA AND WHAT IS KNOWN IS ONLY A SMALL PERCENTAGE OF CASES REPORTED.

Although data security and breach response are constantly in the headlines, studies demonstrate that organizations remain unprepared to effectively respond to a data breach.

Is your organization ready?

Business leaders need to take a different approach and peel the bandages off from the past and identify what and where their “crown jewels” are. Information security has, by necessity, changed a lot from a strategic perspective. Back in the day, tall walls and clever architecture were all we needed to keep criminals out… Castles emerged in Europe in the Medieval period during the 10th century, built to provide protection from enemies. Later, castles became status-symbol residences for monarchs and royalty (the crown jewels). The weakest part of the castle’s defenses was the entrance. To secure access to the castle, drawbridges, ditches and moats provided physical barriers to entry.

It’s no longer good enough to ensure end-to-end protection within the walls of your enterprise.

In the case of Wells Fargo and their outside law firm, this should prove as a wake up call for third parties, any one of whom could cause real financial and reputational damage if compromised.

So why are firms not spending more time focusing on understanding what and where the sensitive data is?

Throwing Money at Cyber Security is NOT the Answer.

Before spending a penny, or a dollar, more on any technology, one must ask:

Have we got the basics right?

It’s often the basic hygiene, the basic controls that are overlooked in the search for the panacea that does not exist. Most security breaches can be prevented by having layered Cyber Security controls throughout the enterprise, however most organizations are spending a large amount of money protecting their perimeter from the hacker hooligans, however while that is necessary, it’s something that is often unstoppable. Meaning, if your firm is targeted by a hacker, or a hacking organization…no matter how secure your perimeter is, most security experts will confirm that there is nothing you can do to prevent it from happening.

For years, I’ve been saying “People are the weakest link”. In converse, they are also the best front line of defense to prevent or determine a possible cyber incident.

Unfortunately, Cyber ignorance or “cyber fatigue” has set in.

As stated earlier, most organizations are building defenses around the castle, however don’t have good controls around the data in their business which is the most vulnerable.

Please feel free to contact me for a fixed fee “Ethical Hacking” assessment or if I can be of any assistance to you.

Digital4nx Group, Ltd. provides Digital Forensic Investigations, Electronic Discovery Consulting and Advisory Service, Incident Response to Data Breaches and Cyber Security services such as “Ethical Hacking”.
LinkedIn | Twitter | Email | Speaking Events

Filed Under: Announcement, Educational, Press Release Tagged With: Cyber Security, CYBER UPDATE, LOSS OF ELECTRONIC DATA

Case Studies

  • Rob Kleeger participates in the 2020 Small Business Council Cybersecurity Event
  • Working Smart, Not Hard… Remotely: Cybersecurity tips in a COVID-19 World
  • Rob Kleeger speaks on panel to plan fiduciaries at Worldwide Employee Benefits Network NY Chapter
  • Rob Kleeger Returns as Guest Lecturer to Seton Hall Law School
  • LAWYERS: BEWARE OF PHISHING EMAILS

Categories

  • Announcement
  • Article
  • Case Studies
  • Educational
  • Events
  • Press Release
  • Seminar
  • Webinar

Rob KleegerFollow

Rob Kleeger
Digital4nxRob Kleeger@Digital4nx·
30 Dec

Thank you for being a member of the Digital4nx Group Family. Whatever your Digital Litigation Support or Cyber Security needs are, we'll be happy to find the right solutions for you now, and in the years to come.

Wishing you and your loved one's a safe,…https://lnkd.in/grsqm2W

Reply on Twitter 1344366645087596544Retweet on Twitter 1344366645087596544Like on Twitter 1344366645087596544Twitter 1344366645087596544
Digital4nxRob Kleeger@Digital4nx·
18 Dec

Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”. https://lnkd.in/gvveFdU

Reply on Twitter 1340083416767721472Retweet on Twitter 1340083416767721472Like on Twitter 1340083416767721472Twitter 1340083416767721472
Digital4nxRob Kleeger@Digital4nx·
8 Oct

In case you didn't see this post the 1st time...you won't believe what you are reading. https://lnkd.in/giSEpGf

Reply on Twitter 1314341941027299329Retweet on Twitter 1314341941027299329Like on Twitter 1314341941027299329Twitter 1314341941027299329
Digital4nxRob Kleeger@Digital4nx·
23 Jul

"We need to find solutions that ensure people of color receive fair and equal treatment AND that police officers – who put their lives on the line every day to protect us all – are respected and supported." https://lnkd.in/dEakP4R

Reply on Twitter 1286116624370741260Retweet on Twitter 1286116624370741260Like on Twitter 1286116624370741260Twitter 1286116624370741260
Digital4nxRob Kleeger@Digital4nx·
7 Apr

Digital4nx Group, Ltd. And I thank the @NJSBDC and America's SBDC for the opportunity to help educate #SMB's across America in this unprecedented time. #wfhsecurely #wfhtips #WFH
#staysecure https://lnkd.in/eFZVBVM

Reply on Twitter 1247582448717836288Retweet on Twitter 1247582448717836288Like on Twitter 1247582448717836288Twitter 1247582448717836288
Load More...

Digital Litigation Support Service

  • DLSS – Digital Litigation Support Services
  • Digital Forensic Investigations
  • Electronic Discovery Hosting, Consulting, and Advisory
  • Early Case Assessment
  • Expert Witness Testimony

Cyber Security Services

  • Cyber Security Services
  • Advanced Ethical Hacking
  • Vulnerability Assessment
  • Post-Breach Incident Response
  • Cyber Awareness Training
  • Cyber Risk and Compliance Assessment
  • CISO-As-A-Service

Case Studies

  • Rob Kleeger participates in the 2020 Small Business Council Cybersecurity Event
  • Working Smart, Not Hard… Remotely: Cybersecurity tips in a COVID-19 World
  • Rob Kleeger speaks on panel to plan fiduciaries at Worldwide Employee Benefits Network NY Chapter

Contact Us

Digital4nx Group, Ltd.
8 S. Main St - Unit 70,
Marlboro Township, NJ 07746
info@digital4nxgroup.com
732-786-4062

Subscribe to Newsletter
© 2019 Digital4nx Group, Ltd. | All Rights Reserved. Sitemap · Privacy Policy