We kind of know this is going to continue to get worse,, because it works, right? But I also feel like this isn’t something we are talking about enough:
“Businesses have been urged to gather up every bit of data about every customer engagement, every supplier interaction, in the hope that it can be trawled by artificial intelligence and big data technologies to provide insight and direction. But for many organisations the security of that data remains an afterthought at best. That leaves many in the situation of having vast piles of sensitive information but no guidelines for keeping it safe. If organisations aren’t sure why they’re collecting data they won’t be clear about why they need to protect it, either.”
This is definitely part of the problem. I’m actually working on some longer thoughts around this subject for a later post, but with the push towards big data, and using machine learning and AI, we are seeing more and more businesses trying to capture more information, which sadly often translates into a push to keep anything and everything, in case it’s useful.
Of course the problem with that approach is that often, that data storage isn’t being governed, or has become so spread out across various tools, that it’s not being protected the way it should be, and that includes whether it is being backed up. So they have a ton of information, but little defense against that data being breached, or becoming lost to ransomware.
I’ve often said, you can’t protect what you don’t know exists, and right now there’s a lot of data out there that falls under that category. Until that gets cleaned up, we are going to see ransomware take bigger and bigger bites out of organizations.
All it takes is one person to click on the wrong link in an email. Do you really want to trust your entire data infrastructure on that?