Beneath the surface of normalcy lies a hidden layer of complexity. And the fact is, we are building a big, global, complicated machine, and it’s obvious that people don’t know how to secure it, ignore the challenges, or take advantage of those who don’t understand what is going on.
Yet going forward, we will continue to see many more Equifax situations that will result in the destruction of billions of dollars of corporate value. Some CEO’s will be held accountable; others won’t. Yet the sad fact is that entire companies will disappear to avoidable negligence with respect to security and infrastructure issues. The trend will become accelerated as technology driven disruption comes to drive forward every industry. We might one day see a car company go bankrupt — not because of fraudulent diesel mileage manipulation, but because someone hacked into the internal IT engine of millions of cars through a known backdoor.
Add to that the fact that 2018 will probably be characterized by the emergence of cryptocurrency scams as one of the leading news computer related news stories of 2018. You simply can’t have an important trend go supernova without a lot of fraudulent activities coming to the forefront as people “rush in to share the riches.” Blockchain is a critically important and transformative trend, but as with any trend, the good will come with the bad. I suspect that we will see not only individuals make stupid mistakes as they work to cash in without knowing what they are doing — but corporations and government as well.
Add to this increasing hyper-connectivity. The Internet of Things (#Iot) is only going to make the voyage more challenging, as we continue to link billions of devices to this big global connectivity machine. As we do so, many aren’t paying proper attention to the issues that come with #IOT either — read my 2 posts on #IOt that cover some of these security issues here and here.
It’s not like we haven’t known about the risks. Back in the 80’s and 90’s, I regularly read Peter G. Neuman’s Risk Digest, and even contributed a few emerging risks to the regular newsletter. Looking back, most of was predicted back then has come to pass, including the hacking and hijacking of election systems and technologies. It’s only going to get worse; I covered these challenges when I did 2 talks for the chief legal officers for a vast number of Fortune 500 companies last month, as covered in my post, Understanding, Managing and Minimizing Accelerated Risk.
Why does IT risk continue to be an issue? Because the fact remains : companies simply do not pay attention to what must be done to protect themselves against KNOWN RISK, because it is not at the level of the Board. Most major companies do not have IT or security as a Board level skills matrix responsibility; they are still focused on legal, finance, executive compensation and the other same old stuff they’ve always been focused on as Boards. Yet I’ve long said that IT and risk management needs to be something dealt with at the Board – until then, things will not change!
Gosh, back in 2003 – 14 years ago — I wrote in a post: “There is a common theme here — companies continue to ignore security issues, and the result is significant business damage. And to be frank, this isn’t just a small issue anymore — we are witnessing the actual destruction of corporate value due to negligence! THIS IS A CEO LEVEL ISSUE NOW, FOLKS!” —> https://www.jimcarroll.
I used CAPS!
Then I wrote in that same post: “Until senior management wakes up and realizes that without action, they can see their corporate value destroyed over night, we’ll see more of this.”
Sadly, I nailed that trend….
Sadly, for many organizations, nothing will change into 2018 and going forward.
If you do anything, pay attention to security. The future of your organization depends on it.