An RCMP investigator is urging businesses to be more forthcoming with security breaches if they want to help put an end to them.“If everyone keeps wanting to bury it, it’s not going to go away,” said Michael McCrory, an investigator with the integrated technological crime unit at the RCMP. McCrory, who spoke at a recent Xerox-sponsored security panel, said having such events helps companies realize that everyone is vulnerable to these types of attacks.
“By talking about it, it can help people realize that they’re not the only one being victimized,” he said in an interview following the discussion.
Many organizations, however, choose to keep these situations quiet because of negative press.
“Companies are losing billions of dollars from the inadvertent disclosure of trade secrets,” said Mark Halligan, principal of Welsh & Katz Ltd. and founder of the Trade Secrets Law Committee.
Employees can also be a problem, said Dan Verton, vice-president and executive editor of Homeland Defense Journal. He added companies can deploy either software that uses a keyword searching tool or hardware that records data leaving the network and determine where it’s going.
In addition to technology, Halligan said most people can be motivated by financial incentives, such as bonus cuts, to curb them from breaking their company’s policies. Verton, on the other hand, said he doesn’t agree with the incentive model.
“I want to see a (chief security officer) be publicly tarred and feathered for a security breach that could have been prevented.”