The Growing Liability Risk: Your Information Systems

Business and government is not doing enough to protect sensitive and confidential personal information according to computer security experts at the annual Black Hat Europe conference being held in Amsterdam. From Red Herring:
“Simon Davies, a professor at the London School of Economics and director of Privacy International, told security researchers they would have to demand more transparency from organizations that deal in private information.
“‘Governments and businesses are saying ‘surrender your privacy and we’ll give you benefits and make a safer society.’ We have to push for greater accountability. We’re giving up this ancient right and the government’s not prepared to budge,’ said Mr. Davies.
“Recent scandals at Choicepoint, Reed Elsevier, Bank of America, and the University of California, Berkeley, have compromised the private information of millions of people. This data can be used to steal identities, apply for credit cards, and ruin debt records.”
But liability for lapses in computer security is not just the worry of large corporations. As small businesses gather more information about their customers they become more vulnerable to hackers and the liability that may result from their attacks.
And as the article in Red Herring points out, hackers are moving into the wireless world to find new paths into computer systems.
“Joe Grand, for example, gave a talk on vulnerabilities in common computer hardware. He said it was possible to break into a certain type of Dell wireless access point because nobody ever thought hackers would pull the appliance apart and test the software inside. ‘So many people in the computer industry trust hardware to be secure just because its hardware. It’s a total false sense of security,’ he said.”
Small businesses are setting up more and more wireless networks, and some, such as coffee shops, bagel stores and so forth, are setting up wireless networks open to the public. All are becoming vulnerable to a hackers attack, and if that leads to the wrong information getting into the wrong hands lawsuits will not be far behind.