The New Normal: Cyber Attacks in #Fintech
By: Shane Kim and Jason Tagler
Cyberattacks have been in the news all too often in the last year: Millions of shoppers’ credit card information stolen from Target, the cybertheft of millions of social security numbers from the federal government’s computer system. News agencies are beginning to refer to data breaches as “commonplace.”
The Federal Bureau of Investigation and most cybersecurity experts warn large companies that they should not be asking themselves “if” they will be hacked, but “when.” Faced with the near certainty of a potential breach, what should leaders do? According to Ruston Miles, Chief Innovation Officer of Bluefin Payment Systems, a Camden Partners portfolio company, companies have two choices: “Defend the Fort, or Devalue the Data.”
Defend the Fort
This is what most of us think of when we envision preventing cyberattacks: 24/7 monitoring, building stronger security and erecting higher walls. The approach is expensive, but a logical decision in today’s threat environment.
Devalue the Data
What do hackers want? In most cases, hackers want data that can be used to execute financial fraud for personal gain: social security numbers, credit card numbers. If the data never exists, or is rendered useless, there is nothing of value to steal when a breach occurs.
Prolexic, a former Camden Partners portfolio company that was sold to Akamai Technologies in 2014, is a premier outsourced provider of DDOS (Distributed Denial of Service) attack mitigation – or, defending the fort when a hacker tries to take a company’s website down. Prolexic helps global banks, online retailers, payment processors and other companies fight off the DDOS attacks if (when) they occur.
Bluefin’s approach to cybersecurity is to devalue the data. By building defenses into hardware, instead of software (the usual medium of defense), Bluefin makes it extremely difficult for hackers to access sensitive data.
As FBI director Robert Mueller famously said in 2012, “There are only two types of companies: those that have been hacked and those that will be.”
So what have we learned, three years later? Not only are cyberattacks multiplying, but an unprecedented amount of personal data and applications are accessible over the Internet, from health records to a car’s onboard computer.
We’re just beginning to understand the defenses necessary to protect companies from cyberattacks and data breaches – and hackers’ tactics are morphing daily. As virtually every industry grapples with this new reality, we’ll continue to be on the lookout for more companies that are winning the war against hackers – to provide not only peace of mind, but state-of-the-art protection when an attack occurs.