Grin and Bear It: A New Security Attitude for 2015
Data security is a grim business, especially of late. There’s an expected seriousness when you’re handling sensitive data, stacks of information and the cold action of computing. But isn’t it time we cracked a smile?
Okay, I’m kidding, at least a little. In the last year alone, it’s sobering to read about and talk to people who’ve been damaged from leaked Social Security numbers, breached payment card info or hacked baby monitors. It’s also detrimental to drown out a sense of community, avenues of discussion or data protection solutions with the incessant drumbeat of “FUD” (fear, uncertainty and doubt). Scaring the living hell out of everyone who needs security is no way to stay sane – or to keep your best and brightest information protection people on staff. No joke, we’ve even sucked all humor out a goofy buddy comedy (and followed it up at the box office with an oh-so-threatening hacker flick, “Blackhat”.)
While not a New Year’s resolution, I would like to make the push for some sunny perspective in 2015. The sky is falling … isn’t it nice to see the stars so close! Seriously, let’s take a spirited look at the threats and realize we have not been reduced to an irrelevant gallery to a cyber-apocalypse. Information security folks didn’t get into the trade because it would be a breezy job. Yet, we have the tools to keep everyone protected, especially if we remember that there are people – real people: co-workers, friends, that grumpy overseas sales guy – on the other end of both the data and how it’s used.
Coming at it from that perspective, we talked this week with Alan Pelz-Sharpe, the “social business” director at research firm, 451. Frankly, he said security isn’t the first concern of the companies he’s talking with. Security is more like the fourth or fifth concern, a “nuance” in a broader business project. They want to get things done, and if security can be added easily along the way, then great. Now, you’d have a security analyst or vendor apoplectic if you put absolute, total protection anywhere other than first in your lineup of priorities. Remember, though, the person who needs protection and wants privacy probably isn’t your typical crypto whiz. Everything your company emails, shares and stores isn’t top secret information. “They’re figuring out what is sensitive and what is stuff,” Pelz-Sharpe said to us.
Increasingly, as I recently read from another source much farther from the sphere of tech security, people push away as they feel their privacy is compromised. Leeds University sociologist Zygmunt Bauman wrote a few years ago that, as people’s sense of privacy diminishes, there is a devolving notion of “joy” in secrecy, a vital element in the relationships that bring people closer. Personal lives and senses of self blown wide open, we’re left less connected and welcome to each other. Okay, Bauman writes about some heady stuff and I spend much more time enjoying a beer or two and watching the Red Wings at night to pretend I’m moonlighting as a sociologist. As a new way to look at today’s huge business security dilemma – namely, the varying degrees of protection of information – I do find Bauman’s main point to be utterly fascinating. He summarizes: “The present day crisis of privacy seems to be inextricably connected with the weakening and decay of inter-human bonds.”
Working together would sound like a corny remedy for the massive business information security challenge if it weren’t so glaringly absent. To get closer on that joint effort for better data protection, we may need to grin and bear it, so to speak. No more shouting like Henny Penny at every breach – and chasing away everyone else in the barn. A smile would be a welcome addition to the soft skills needed to rally users and business support for 2015’s security challenges.