Corporations all over the world are involved in partnerships, alliances and agreements that allow and permit the mutual exchange of data. Much of this is coordinated and validated between the IT Departments of each company, but just because you received confirmation in writing that the data exchange will be protected, doesn’t mean that it actually is.
Little is known about the type of security breaches that occur between companies as this is typically kept as part of an internal secret structure. The only time there is a release of information is during an exposure of a breach when personal data may have been taken. When companies enter into an agreement the transition of data is transferred via an encrypted API. The data fields are accessed and transmitted, allowing the receiving company to hold the contents of the agreed upon data. The security of the data falls on the responsibility of the receiving company, and as we have witnessed in the last few years, not all companies are prepared for a major cyber attack.
Sharon Knowles, CEO of Da Vinci Forensics says:
“The risk analysis of a company is the highest priority when considering a security risk and potential loss of data. Sharing data, on any level, opens the door for information access. Da Vinci Forensics works within the infrastructure of a company while also including discussions with all partners and ventures that involve the interchange of proprietary data. This is the extra step that is needed as part of the organic method of protection in today’s cyber world.”
The February, 2014 policy brief from the United Nations Economic Commission for Africa entitled Tackling the challenges of cyber security in Africa stated “Cybercriminals have long considered Africa as opportune to commit their criminal acts. Statistics from various sources indicate that Africa is very prone to cyber-related threats due to the high number of domains coupled with very weak network and information security.” It continued to state, “Cybercrime is a growing global phenomenon, which, according to a report by Symantec, Corporation issued in 2013, is increasing at a more rapid rate in Africa than in any other area of the world. Indeed, cybersecurity experts estimate that 80 per cent of personal computers on the African continent are infected with viruses and other malicious software.”
An additional an important note that was included in the above mentioned U.N. policy brief stated that one of the main challenges facing Africa for the topic of cybersecurity included:
“Lack of technical know-how in terms of cybersecurity and inability to monitor and defend national networks, making African countries vulnerable to cyberespionage, as well as to incidences of cyberterrorism.”
While South Africa has been one of the few countries that has been hesitant about data sharing in general, the adoption as a major player in the world exchange has loosened some of the previous barriers of acceptance. Any company that shares their proprietary data with another organization must make absolutely sure that all companies involved are elevated to the highest level of security.