Towards the end of the year, we always see a significant increase in the number of cyber attacks, this is true in the world and so it is right here in Israel. Today a company that falls victim to an attack, is absolutely not the main victim.
In the recent cyber attack by the Black Shadow organization, we are beginning to see elements of terrorist activity in front of private individuals. The attacks are no longer against a particular company that was not responsible enough to protect its information, but also and especially about its users whose private information the attackers were able to obtain.
Users can be completely private individuals and even populations that are characterized by a certain sensitivity such as the LGBT community that the site they use to get to know has also been hacked.
At a time when information from private individuals is frequently exposed in cyber attacks, is the cyber system’s policy of alerting organizations to vulnerability and danger sufficient? Or is there no choice and should we also start incorporating actions of enforcement and verification that indeed the issues are addressed? Who exactly is the adult responsible for protecting the public?
Should the protection of our information be in the hands of the companies themselves or in the hands of the state? Either way, today in the market security solutions are available and can be easily implemented that allows for maximum protection.
The “resilience character” of the array is a welcome and important step. It can help any organization and body that chooses a service provider, check if it has indeed done the right thing and meet information security standards that will help reduce the chance of being harmed by an attack.
But the bottom line, when we talk about personal and very emotional information like users of an HIV-positive dating app, the next step must be taken, real responsibility must be taken for it and someone must be the responsible adult.
The author is the CEO of the information security company ESET Israel