After reading about the attack on Sony Entertainment, I am thinking that instead of worrying about hackers stealing from your bank we should be worried about hackers stealing from major corporations.
And that isn’t really surprising.
If identity is the seed of theft, then as banks and retailers get marginally better the soft squishy underbelly of HR departments becomes an inviting and easier target.
To date, a company cares about their business secrets being stolen, followed by their customer data being stolen and ending somewhere below not-at-all their employee’s private data being stolen. Employees don’t quit their job if their employer loses their data… At least not yet.
Identities are simply too valuable an asset for the bad guys to not want to steal, and unlike retailers where you can choose to not give them something that’s worth stealing your employer must have everything…
Me-thinks there is an opportunity for an innovation where companies can use tokens from some really secure system instead of the real raw data that they are just simply incapable of securing.
This Sony attack isn’t the end it’s the beginning.
[…] A few weeks ago I asked – what exactly happens when your employer treats your personal data as unimportant? […]