"If security was about protection in 1990s, detection in the 2000s, then this decade is about responsiveness to incidents."
This view comes from Bruce Schneier, a security expert and author of a dozen books. He believes organizations must get smarter, faster and better at responding to data security breaches.
The emergence and growth of drones in physical spaces overhead homes and organizations offers a reminder of smarter, faster and better response times over privacy and security concerns. Most individuals and organizations act quickly when physical objects fly overhead, and observe or record audio and/or video information. In other words, response time is fast.
The Wall Street Journal reports the Federal Aviation Administration predicting sales of 7 million drones in the U.S. by 2020, up from the current 2.5 million in sales expected in 2016. The use of drones for personal and commercial purposes raises privacy and safety concerns, especially when flying over one's home or a business. In one case in 2015, a judge ruled William Merideth had the right to shoot down a drone over his home, citing an invasion of privacy because it flew below the tree line.
According to A. Michael Froomkin, a professor at the University of Miami School of Law:
"Drones pose a huge threat to security and privacy, and that property owners should be able to keep them from flying over their land... Drones can film, record sounds or listen in on Wi-Fi and other signals, and no fence is high enough to keep them out."
Concerns are warranted as drones continue to grow in popularity. Individuals and organizations are being vigilant in their need to detect, protect and respond quickly to security and privacy issues. The same diligence about privacy and security is not evident regarding our devices -- computers, phones and gadgets -- that are continually plugged into the Internet.
Every day, we allow corporations to collect, analyze and sell large amounts of personal information about identities and where and how we live, work and play. When large amounts of information are stolen -- whether financial or other -- users have little or no recourse regarding their privacy and security.
Three trends are making it harder for organizations to effectively respond to threats.
1. The Cloud Era is growing
The cost of computing continues to drop every year and more data continues to be stored. In his book, Data and Goliath: The Hidden Battles To Capture Your Data And Control Your World, Schneier says that in 2015, a petabyte of cloud storage will cost $100,000 per year, down 90 per cent from $1 million in 2011. This trend applies to both individuals and organizations, where cloud providers store every type of data possible.
As more data is outsourced to various cloud providers, will increase and make it harder for organizations to respond effectively. This is because organizations no longer possess control to see the entire network clearly, as they did in the past. Also, most cloud providers don't disclose the operating systems or hardware they use. Coupled with this, a wide range of devices and gadgets access information and the network today. As information is decentralized, the loss of control reduces the ability for an organization to effectively respond to a cybercrime.
2. Cyber threats are increasingly sophisticated
The strength and impact of attacks is growing. Regardless of attackers operating independently or with aid from nation states, their efforts are more focused, deliberate and skilled. Hacking is now intertwined with geopolitics and targets employees of multinationals and governments.
Today, attackers have the upper hand, according to Schneier, for a number of reasons. First, it is easier to break than fix things. Second, as systems become more complex, finding gaps becomes more difficult. Third, automated systems result in more security holes, making them harder to find and fix. Fourth, computer security is complicated and average users are prone to human error and mistakes. This sometimes compromises the efforts of computer security staff.
In the past, criminals hacked into one computer to steal personal data. But today they break into large corporate databases, stealing the personal information of millions of people. This was the case with hackers breaching retailer Target's databaseand stealing millions of customer credit cards. Surprisingly, according to Schneier, many companies have lax security and don't realize or take months or years to discover their data is being taken due to a breach.
3. Companies under invest in protection and detection
When thinking about corporate security, psychology and economics usually drives decisions. For example, if the cost of security is below the cost of losses, then security comes out on top. If the cost of security is more than the losses, then go with the losses. Most organizations realize that a successful attack or defence often depends on which side has the upper hand during the current technology and innovation period coupled with psychology and economics. In one period, momentum shifts to attackers, while in the next period, defence is stronger.
In the case of Target, hackers wanted to gain access to a large number of credit cards. If the network were more secure, the criminals would find another company with weaker security and breach that database, containing millions of credit card numbers.
Organizations -- large and small -- must become more resilient. Cybercrime is more sophisticated today. At the same time, information is increasingly decentralized and outsourced to third party cloud-based providers. The most effective way an organization can become more resilient is to integrate each security response into an overall corporate crisis management strategy and plan. This includes actionable step-by-step instructions to communicate for internal communication with employees and externally with, stakeholders, partners and cloud providers.
Follow HuffPost Canada Blogs on Facebook
MORE ON HUFFPOST:
2010 RANK: 22 Springbank Park, London Ont.
2010 RANK: 21 Downtown Regina, Saskatchewan.
2010 RANK: 28Radisson Plaza Hotel and the Harbourfront Kingston, Ontario
2010 RANK: 23On the road, Barrie, Ontario.
2010 RANK: 31Halifax Harbour
2010 RANK: 11Parliament Hill, Ottawa, Ont.
2010 RANK: 7
2010 RANK: 9Kelowna, B.C.
2010 RANK: 10Kitchener, Ontario.
2010 RANK: 6Oakville Post Office.
2010 RANK: 12Victoria had the analysis' highest number of Wi-Fi hotspots, at 170 per 100,000 population. However, spending on internet access and personal computers was the lowest out of the top 10 cities.
2010 RANK: 13Edmonton scored high in the categories of Wi-Fi hotspots, spending on personal computers and Internet access. Social networking use by Edmonton residents was the lowest in the analysis, at 37 per cent of the population. Edmonton Skyline from Sherwood Park
2010 RANK: 16New Westminster rose significantly in the rankings, up to #8 from #16 in 2010. There were 34 Wi-Fi hotspots per 100,000 population and 48 per cent of New Westminster residents use social networking. British Columbia's Fraser River
2010 RANK: 8Toronto's spending on personal computers was among the highest. The number of Wi-Fi hotspots was also high. But social networking use among Toronto residents was near average.
2010 RANK: 14 Social networking use was the highest in the analysis, at 60 per centof the population. New Brunswick Fredericton October 2011 Gavin Langille-18.
2010 RANK: 5Calgary had the lowest ranking among the cybercrime data in the list of top ten Canadian cites, but the second-highest spending on Internet use and personal computers. Beltline Area, Calgary, Alberta, (January 29, 2007).
2010 RANK: 3 Langley dropped slightly in this year's analysis, falling one spot in the rankings from #3 in 2010. Reported cybercrime data was all in the 90th percentile. Fort Langley British Columbia.
2010 RANK: 4Vancouver rose one spot in the rankings since the 2010 analysis. It had the third-highest incidence of spamming IP addresses, and a high level among the other cybercrime data sets. Vancouver also had the second-highest number of Wi-Fi hotspots per capita and high social networking use.
2010 RANK: 2Port Coquitlam, B.C. again ranked second in the analysis, scoring at the top in the majority of the categories surveyed, including cybercrime data per capita. Port Coquitlam also reported high numbers of social networking use. Canadian Pacific Railway yard, Port Coquitlam BC
Burlington maintained its #1 ranking from the 2010 analysis. It reported the highest scores among the cybercrime data per capita in three of the four cybercrime data factors. Burlington's internet use and computer expenditures were also high.
Follow Matthew Held on Twitter: www.twitter.com/@mheld