What the Ashley Madison Hack Has Taught Us: Data Security is Paramount

Tabloid fodder and cybersecurity converged last week with the news that infidelity website Ashley Madison had been hacked. The hackers, named The Impact Team, vowed to release confidential user records until the site and its partner website, Established Men (both owned by Avid Life Media), were removed from the internet.
The Impact Team appeared to take particular issue with Ashley Madison’s “Full Delete” feature, which promises to remove all traces of a client’s usage for $19. According to the group’s manifesto, “this is a complete lie. Users almost always pay with credit card; their purchase details are not removed as promise, and include real name and address.”
In a roundabout way, then, the hackers presented themselves as good guys fighting a major corporation that allegedly lies about keeping user data. And that, it seems, is the crux of the matter: personal data protection is of paramount importance in this era of cybersecurity attacks.

What is the most valuable data?

By and large, cybersecurity measures primarily focus on protecting financial data from potential hackers. However, the Ashley Madison hack reveals that that this scope may be naively narrow. For the 37 million Ashley Madison users, it was probably the confidentiality of their personal information (as opposed to financial information) that was of most concern.
The hacking thus reveals the multitudes of ways that companies have to protect themselves — and customers — online. It’s not just financial information, but also personal data, health information and emails that have to be protected. Take, for example, the Sony (TSE:6758,NYSE:SNV) hacks in 2014. During the scandal, the personal emails of executives made the biggest splash in the news, leading co-chairman Amy Pascal to resign.

New era of cyber attacks

According to a Forbes article, “this is Hacking 2.0. It’s not about the data, it’s about the context. Using stolen data, like credit cards, to get money is hard work. Extorting someone who has more to lose than money is a lot more profitable.” This new strategy of extortion renders cybersecurity platforms even more vital as companies attempt to ward off attacks from all angles.
An infographic from Visual Capitalist states that over the past 11 years, 96 percent of cyber attacks have fallen into nine distinct categories: web app attacks, insider misuse, POS instrusions, payment card skimmers, miscellaneous errors, physical theft and loss, denial of service, cyber espionage and crimeware. With cybercrime costing the global economy an estimated $400 billion each year, the cybersecurity industry needs to grow quickly and efficiently to address all threats. Luckily, there is visible expansion in the industry. According to a recently published report from Infiniti Research, the global enterprise cybersecurity market is poised to grow at a compound annual growth rate of 11.84 percent between 2014 and 2019.
The Ashley Madison hack has taught the world a valuable lesson about cybersecurity: in the age of big data, hackers can access almost any type of personal information, and that information needs to be protected at all costs. Hopefully, the expansion of the cybersecurity market in the coming years will offer more widespread and effective solutions to this ever-growing problem.
 

Securities Disclosure: I, Morag McGreevey, hold no direct investment interest in any company mentioned in this article.