Cybersecurity is the body of technologies, processes and practices designed to protect networks, computer programs and data from attack, damage or unauthorised access. In a computing context, security includes both Cybersecurity and physical security.
In the most disruptive form, cyber threats take assets of a nation or its people.
Bad Cybersecurity practices ought to hurt a company right?
Yes, but only if users come to know of the security breaches at the companies and brands they have signed up for, with or without sensitive information.
The issue came to the fore a few weeks ago, when fast food chain McDonald’s India asked users to update its app as a “precautionary measure”. It further said that the app doesn’t store sensitive financial information of its users and that it is safe to use. The McDonald’s statement didn’t come from nowhere. It came on the back of a blog post by Cybersecurity start-up.
Fallible which had noted that the McDonald’s app is leaking the personal data of more than 2.2 million of it’s users which includes name, email address, phone number, home address and social profile links. In the end McDonald’s neither rejected the report nor accepted the breach.
Fallible in this called ‘the security of Indian payments infrastructure’ a joke. It said, vulnerabilities in major payment gateways and wallets include multiple ways of data leak, monetary loss, private keys leak and more. This is not different from many other risk assessments.
It does seem some corporates are taking note. Some board members and executives of the Indian companies have said they lack confidence in their organisation’s level of Cybersecurity. However Cybersecurity hardly gets top management attention in India, as it is viewed merely as an IT issue. Making breaches public should be mandatory and is the wake up call companies need. It would then become a customer facing issue and management will be all ears.
We all will realise that good Cybersecurity can be good marketing.