Who are the protectors of data?
You probably howled with disapproval when you learned about the recent data mess at the Department of Foreign Affairs.
Aside from that unacceptable inaccessibility or loss of data, nothing bad seems to have happened — yet. But you wonder, what could happen to your personal data? How could it be used to deceive others or commit other crimes?
This not the first time that the government had a data loss incident. Remember the one that happened to the Commission on Elections? Millions of voter data were downloaded from its website, and it included passport numbers and even fingerprint scans.
The Philippines is not alone in this. A few days ago in Germany, a young hacker living in a small village leaked the phone numbers, addresses, and credit card details of 1,000 politicians. The 20-year-old, who used the Twitter handle “G0d” to leak the data, merely guessed passwords to accomplish the deed.
Response of technology
Much of the data breach in the world is already being thwarted by leading-edge cyber technology that identifies, detects, and quashes cyber-attacks. It’s pretty good business, too. There are many companies now offering cybersecurity powered by AI, or artificial intelligence.
Spending on military and civil cybersecurity has grown from $3.5 billion in 2004 to $120 billion in 2017. Demand from companies is expected to increase 12-15% annually in the next three years.
No wonder financial institutions are pouring money into cybersecurity. The threats are real. No bank, for example, would want their clients to lose money.
Human aspect of security
We’ve got the technology aspect of security pretty much covered. But there’s another important aspect of security that needs to be emphasized: the human element.
Data security is as much about technology as the humans who set up these security systems, those who invent technologies to protect data, and the end users of these systems, even the clients themselves.
Dedicated hackers or cybercriminals may eventually catch up and see loopholes in the system. They are not loth to employing filthy tactics to achieve their selfish ends.
Security is a shared responsibility
Can we rely on technology to keep our data safe? Can we rely on the cybersecurity experts? To a certain extent, yes. But security doesn’t work that way – especially in this day and age.
It is a responsibility shared by all. The German hacker I mentioned just guessed passwords to steal data. Many were still using passwords like “123456” or “iloveyou”.
Here in the Philippines, people get duped by phishing websites where they give all their personal information. They don’t know how to check if a website is genuine or not, and they don’t care to know about how hackers steal information. They don’t exert effort to know even just the basics of online security. They even willingly give passwords over the phone.
Can cybersecurity experts, businesses, financial institutions, and other private or government entities take the sole responsibility for cybersecurity? Can we all relegate awareness to somebody else?
That would have been a perfect world. But the reality is that impregnable cybersecurity is a myth. So far, the only way to make our data safer is to combine technology, human expertise, and general awareness.
That makes each one of us a protector of our own data.
The author is the head of corporate affairs and communications at BPI