NC experts: Companies, consumers bear burden of cyber security
Posted December 19, 2013
Raleigh, N.C. — Target may have grabbed headlines Thursday for a data security breach that affected 40 million customers, but hackers have hit plenty of other companies in recent years.
In 2011, Sony revealed 77 million Playstation Network consumers had passwords and emails compromised. And in 2007, the parent company for TJ Maxx and Marshalls reported 94 million customer accounts had personal and financial information exposed.
Laurie Williams, who leads a software security program at North Carolina State University, where she is also a professor, said more than money is at stake when data falls into the wrong hands.
“Every day, more and more software is built that has vulnerabilities in it,” she said. “There are things more important than money, like people's privacy, like people’s lives. Get into medical systems (and) you can start to kill people. (Same with) power grids – just disabling our country.”
She said companies can’t take security seriously enough.
North Carolina Commissioner of Law Enforcement Greg Baker is a former FBI Cyber Crimes Task Force coordinator who argues businesses need to get beyond the notion that security is a costly burden.
He points to Nortel, now bankrupt after suspected Chinese hackers infiltrated the company's computer networks for years.
“I believe it’s a global crisis,” he said. “In the world we live in today, I can tell you there wouldn't be a balance sheet without a strong security posture.”
That means caring about the customer includes heading off the next hacker.
Williams said companies need to make their computer systems a higher priority, “so it's not just about functionality, but security as well.”
Consumers should also take steps to safeguard their personal and financial information.
State Attorney General Roy Cooper exhorts residents to check their bank and credit card accounts often.
“The thing you should do is monitor your account,” he said. “If you haven't accessed your account, you should go online and access it.”
Cooper said sometimes it take years before people realize their information has been stolen.
Consumers can put a security freeze on their credit reports to prevent someone from accessing information, and a credit card offers more protection than a debit card.
Companies also bear responsibility, Cooper said.
“In 2005, we got a law passed in North Carolina that required companies and the government to notify the consumers when there has been a data breach,” he said. “We’ve had over 1,800 data breaches since that law passed that have had to notify our office and over 4.5 million consumers that have had to be notified of a data breach.”
Added Cooper: “It doesn’t mean you will be victim. It just means you should have heightened awareness.”