Adam Levin’s new book, Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves, derives from a long-standing passion to educate individuals and companies on personal finance, identity management and privacy issues.
ThirdCertainty recently asked the former director of the New Jersey Division of Consumer Affairs and current chairman and founder of Credit.com and CyberScout, to put into context the unprecedented exposures arising from Internet-centric commerce. Full disclosure: CyberScout underwrites ThirdCertainty.com. (Text edited for clarity and length.)
Q: Why do so many organizations continue to lag in bringing their security posture up to snuff?
A: There are a lot of companies that either don’t understand it, or for some reason believe they’re going to escape it, and that’s not a healthy attitude. As larger organizations do start to become more secure, the cyber criminals will move on toward smaller businesses because they know there is less technology and less expertise available to slow them down.
This is the new frontier. The bad guys are very smart, and they don’t give up. Businesses have to understand that they’re going to face constant, persistent, sophisticated attacks. And even if you have a great security posture, there will always be some person somewhere who will make a mistake. You have to be ready, so you can respond almost with the equivalent of muscle memory.
Q: Are improvements arising in the wake of the high-profile data breach disclosures in 2015?
A: What’s changing is that there are more organizations involved in the cyber liability area than ever before. And companies are dealing with more regulators now than ever before. When a data breach gets disclosed, businesses are being asked to prove they had a plan and that they were doing everything they could to secure and protect consumers and employees. Only then will regulators and insurers be amenable to conversations about why a major data breach shouldn’t be an extinction-level event for the organization.
Q: How gratifying was it to write Swiped?
A: I’m gratified by the positive reaction to the things that we have done at CyberScout and Credit.com. Identity and privacy are part of the portfolio of our lives. They’re interdependent and really part of what I call ‘life continuing.’
If anything goes wrong with one it puts enormous pressure on the other. So more companies and organizations have begun focusing on the areas of privacy and identity security. And this is where we need pure consumer advocacy. The more we can secure our identities without sacrificing privacy, the better off we’re going to be. Identity and privacy are independent yet completely intertwined, and they must both be respected.
Q: Anything else?
A: Years ago, President Kennedy in his inaugural address talked about the concept of the torch being passed to a new generation of Americans—and it has. Unfortunately, I don’t think we’ve picked up the torch the way we should have in the areas of privacy and identity security. We must do that now because this has become a worldwide pandemic. We are all under assault and we have to have our guards up and defend what’s important.
This article originally appeared on ThirdCertainty.com.