The Crucial Role of Personal Encryption in Shaping the Future of Business

The Crucial Role of Personal Encryption in Shaping the Future of Business

Data​ encryption ‌is⁤ threatened⁣ by government ⁣forces ‌who ​haven’t yet‌ recognized that ​without⁣ personal security, you ‌cannot have enterprise ‌security.‍ Because ⁢attackers will ‌exploit any available⁤ weakness ⁢to undermine⁣ protection — ⁢and ⁣if⁤ your⁤ people or your⁣ customers ​aren’t⁢ secure,‌ neither ‌is⁢ your business.

Get with ​the⁤ data

Attackers ⁣will always ​go where ‍the money ​is. They will spend lots​ of ⁤it to mount attacks.‌ They will delve deeper, and‌ if they’re‌ spending money, they‌ also ⁤have⁢ the necessary resources to‌ investigate ‍absolutely⁢ anyone⁤ they can ‌identify as a‌ potential target.

Such ⁣targets‌ could​ be⁢ someone who works ⁢in a company, ⁣government, or ⁤enterprise, but the attack surface⁤ could be something ‌as simple as ‌a link‍ they’re tricked ⁣into ⁣clicking ⁣based⁤ on insight into‍ their‌ personal⁤ information (insights that⁢ would not exist if that data was protected and ​secured).

It could ​also ‍be⁢ a⁢ link a ‌person‍ connected‌ to them,⁢ including ‌less‍ tech-savvy ⁤relatives, is tricked into‍ clicking. Attackers are ⁤smart ‌enough⁢ and ⁤have the resources to⁢ develop multi-stage ⁣attack patterns‌ to get what they want;⁣ they⁤ just need ‍access to personal ⁣information to​ guide their‍ hand.

That’s ‍why ⁤it ⁣is vital ​to ensure ⁣personal data is ⁣properly⁣ protected.

But the security of personal ‌data ​is⁤ precisely what shoddy laws such as the UK⁣ Online Safety Bill threatens, because when it demands a weakening of​ messaging​ encryption‍ it ⁤also means that ⁤any government anywhere — including‌ those ⁤we do‌ not trust⁣ —⁤ can​ demand the same.⁢ It ⁣also ​means ‍that the ⁤keys to these ⁣personal⁣ data kingdoms will eventually ⁤slip into the ⁣hacker ⁢mainstream⁢ — even ​those high-value ⁤NSO Group ‍exploits were ⁤sold on ‌the dark‌ web⁤ for a while.

‍ Weakening⁣ systems⁤ by design makes zero sense

The weaker a system becomes, the⁤ more attacks​ emerge ⁢to exploit those weaknesses; this is the fundamental ​problem of ⁣enforcing‍ data ​security weakness⁢ by ‍design.

What that abuse of the human⁤ right to privacy means is that​ it‌ becomes that much ​easier to exfiltrate ​personal⁤ information concerning‌ a target of ‌interest (Even​ if you need to bribe ⁢a couple of corrupt government officials to ⁣do ‌so).

We already⁤ recognize that ‍humans are the‍ weakest link in any ‌security​ infrastructure.‌ But what isn’t⁤ sufficiently recognized​ is that⁤ any action that puts those humans‌ more at⁤ risk makes​ anyone they ‍work for more​ vulnerable.

A well-resourced ⁤attacker will ‍simply ​identify ‍who⁣ works‍ at the ⁣company they’re aiming for and then find ‌ways to⁤ compromise some ‍of ‌those⁢ individuals using​ seemingly unrelated⁣ tricks.⁢ That compromised data will‍ then ​feed ‍into ⁢more⁢ sophisticated ​attacks against the actual target.

So, what‍ makes ⁤it easy ⁢to ⁢create those customized⁢ attacks in the first ⁢place? ​Information about⁣ those people, what‍ they enjoy, ⁣who they know, where ⁤they go, ‍and ⁣how they‍ flow. That’s ​precisely the kind​ of‍ data any weakening in‌ end-to-end encryption for individuals makes easier to get.

Because⁤ if you weaken…

2023-07-19 02:24:02
Article ‌from‍ www.computerworld.com ⁤rnrn

Exit mobile version