In a scene from the 1992 movie, Sneakers, the protagonist hacker Martin Bishop (played by Hollywood icon Robert Redford) was confronted by his friend-turned-nemesis Cosmo (played by actor Ben Kingsley) who said these words:
“The world isn’t run by weapons anymore, or energy, or money, it’s run by little ones and zeroes, little bits of data. It’s all just electrons.”
In the movie, Martin and Cosmo were young hackers or “sneakers” that use their techno-wizardry to creep into computer and information systems to disrupt companies and institutions that they deemed to be a bane on society. In their idealism and activist fervor, they sought to exact revenge on these monoliths of power through hacking. As they grew older and apart, Martin mended his ways and parlayed his expertise in helping governments secure their information networks. Cosmo, on the other hand, deepened his techno-anarchist beliefs and later on hatched a diabolical plot to bring down the world’s economy using cyber technology.
Today, governments, business conglomerates, banks, other financial institutions, and military organizations from across the globe scramble to get the most cutting-edge IT security software to protect their most valuable resource: information. Software like the data access security broker is much sought-after for its ability to safeguard vital government information and corporate data. Investments are made into the millions of dollars to secure the most precious among 21st-century resources: Information.
Going by the news headlines and tech industry buzz, Cosmo’s words uttered on film have become a reality. Those words from a script had become the proverbial example of ‘art imitating life.’ In this case, it is more than imitation. It is a prediction that has come true, a description of the present world we live in: the 21st century that can best be characterized as a digital world of technological bliss and hazards.
Asymmetric Threats to Governments
The ubiquity of smartphones, laptops, and other devices have surely made 21st century living faster, more convenient, and information-driven. People from all walks of life now have access to the Internet, enabling them to watch and hear the news; go online shopping; engage in e-commerce; and build professional and personal relationships across time and oceans in a truly globalized, interconnected world.
Yet behind the blessings of cyber-technology, there lurk numerous asymmetric threats that make security professionals and government leaders stay awake at night. Warfare, in an asymmetric sense, is attacking an enemy’s weaknesses. For example, a ragtag group of terrorists cannot possibly fight head-on against a military behemoth such as the US military. But if such terrorists gain high-level hacking skills, they can introduce malicious software and viruses into a military computer system, disrupting operations and, ultimately, undermining the security of that system.
Cyber Threats to Business and Industry
Banks, various types of businesses, and different industries also face cyber threats. One of the most common cyber hazards they face is referred to as “Insider Threat,” which are vulnerabilities to the security of data or information due to unsecured access to files via removable media (ex. USBs), cloud data, and file sharing between employees of a company or firm. Another threat is present when information or data is shared, that is, via so-called “Collaboration.” As information and data are sent, these can be exploited by unauthorized people or groups. Another threat is “Lack or Inefficient Data/Information Audits,” which occurs when a company is not able to monitor who, when, and why a certain set of data or information is accessed or used.
In practical terms, imagine the dangers of unauthorized persons having the ability to read into a bank’s database of depositors. Picture the implications of files being copied surreptitiously from a laboratory conducting experiments related to vaccines. The losses in terms of potential revenue and intellectual property by a company would be staggering, for instance, if its product blueprints are stolen digitally from its computers as a way to produce ‘knock-offs.’ While governments and militaries actively monitor and deter threats of cyber-terrorism, business firms and corporate entities are often targets of various types of cybercrime. What is common to both threats is that the intent or objectives include stealing, distorting, or destroying data and information.
Data Access Control: First Line of Defense
To protect against these cyber threats, access control must be given utmost priority. When a firm puts in place the necessary, effective, and proven systems to secure data access, it is already putting in place its ‘first line of defense’ against insider threats and all forms of a data breach.
In reality, it is no longer just about “ones and zeroes” as Cosmo claimed. Globally, the impact of data breach runs in the billions of dollars. In fact, it had been reported that an airline company and a leading hotel incurred at least $100 million in losses due to breach of data. In today’s economy, where only the fittest can survive competition, such incursions into data and unlawful ways of obtaining data could spell disaster for a business or an entire nation-state. Clearly, in reel and real life, safeguarding information and data is of utmost importance.