The biggest threat to the everyday lives of Americans is not of a physical terrorist attack, but a digital one. Professional hackers from China and Russia have been infiltrating US company’s networks and obtaining crucial customer information that they collect. This is clearly a huge problem for average Americans. These hackers can get into health care and banking businesses, where most of our most secret and crucial records are found. All that these hackers need is a social security number to steal an identity. These hackers do not collect the information to use for themselves. Rather, they sell it on the black market to the people who really want to do the damage. When you hear that 80 million customers were affected by a cyber attack, it is terrifying because that is approximately 24% of the entire country. That is a scary thought. Another scary thought is that you might not find out if they have your information until later on, when the hackers that stole decide to sell the information or capitalize on it themselves. This has the potential for them hoarding the information for years or stealing money in such low increments that it goes undetected for a long time. So now that we know this is a big problem, should the government be in charge or should the private sector be in charge of policing?
It would be ideal for security purposes if security was centrally controlled by the government. However, there is no way people would allow this to happen since that would entail the government knowing everything about everyone. The NSA is already considered to be over-spanning its reach, so this solution would take that to a whole other level. Also, it would be very costly for the government to take on this task which would inevitably be a cost to ordinary tax payers. Therefore this idea is not feasible, but what is feasible is the government passing legislation making it mandatory for companies to release the fact that they have been hacked to the public (which they already have). The government can also help in educating the workforce for the private sector to utilize in the future. Other than helping companies after they get attacked, there is nothing they could do otherwise to prevent it. Government Policing
The larger the company, the more data you hold and utilize, the larger your budget should be on cyber security. That is common sense, yet there are still large companies whose data gets breached. Companies like JP Morgan are leading the way with creating separate divisions of cyber security experts. They are investing tons of money for this rightful cause of protecting their customer’s data from hackers. They are hiring experts in the field who are ex-military. Each company should be in charge of policing their own data. But this does not bode well for regular customers since this does not guarantee their safety. The solution is to make sure all data breaches are fully insured, to decrease this risk for customers. Another great step being taken is by Google who created an expert team called Project Zero. They look for bugs in the systems of companies and give them an ultimatum. Either fix it as soon as possible, or they will make the bug public and force you to fix it. Many would think that this is an example of Google bullying other companies. However, it is ideal to a have a private company work as an industry watchdog. This is the ideal solution for everyone, as long as Google does not act maliciously in doing so by targeting specific rivals. There is no way to control that and trusting a very large and powerful company is hard to do. Collaboration
Overall, there is no current solution to this problem and it is something that is crucial to solve in the near future due to the fact that all companies collect data, store it, and use it. This is the way in which our country is most vulnerable to attacks from our enemies. How many breaches of security does it take to erode the confidence of customers in releasing their data? I guess we will find out.