Over the past two days, there have been 3 news events that have highlighted the importance of why organizations need to do a better job of protecting their mission-critical data. However, corporate fiduciaries, who are in the best position to counsel businesses on this matter, have very little knowledge about what sorts of "care" should be applied to data. The first event deals with an investigation, by federal prosecutors, that alleges Hilton Hotels spied on Starwood Hotels & Resorts, and used the information to launch a luxury hotel chain. According to Ms. Barbara De Lollis, of USA Today, Mr. Ross Klein and Mr. Amar Lalvani stole documents from Starwood to develop a luxury hotel brand, Denizen. The article mentions that the lawsuit and federal investigation have the power to hurt Hilton’s growth. "Hilton will be distracted and have to invest resources," according to Forrester Reseach analyst Mr. Henry Harteveldt.
Next, on yesterdays front page of The Wall Street Journal, Ms. Siobahn Gorman, August Cole, and Yochi Dreazen, reported that computer spies had broken into Pentagon data networks and stole the plans on the US government’s plan to build the $300 billion dollar Joint Strike Fighter Jet project – the costliest weapons program ever. In a followup to that story, The Wall Street Journal reported today that the Obama Administration plans to create a new military command to coordinate the defense of Pentagon computer networks and improve U.S. offensive capabilities in cyberwarfare. This as the news continues to show an escalation in the amount of cyber-spying going on between governments and corporations from around the world (and guess what folks, we do it too).
This is just the latest example of how our government, and in an analogous way corporations, are in a "reactive" mode when it comes to cyber-security. Generals, security professionals, privacy professionals, and lawyers (not all, but a small cadre) have been commenting on the need to address this epidemic, dare I say pandemic, from a governance perspective for a while now. However, it is our habit in business and government, to only address issues as they arise, otherwise there is a cost-benefit analysis that one has to go through. People, espionage is rampant and growing. There is no solution to this problem yet. It WILL happen to you (if it hasn’t already done so without your knowledge). Maybe we get what we deserve, since we don’t seem to necessarily put the proper mechanisms in place to try and mitigate exposure. A continued "reactive" model will be extremely costly to us as taxpayers and shareholders, and therefore, corporate fiduciaries (that’s you lawyers) need to do a better job in counseling their clients about data loss and leakage.
To read the article, please click here: Grand Jury Seeks Hilton Papers in Case Alleging Spying on Starwood
To read the article, please click here: Computer Spies Breach Fighter-Jet Project
To read the article, please click here: New Military Command to Focus on Cybersecurity