Hot Features
Premium
Trade smarter, not harder: Unleash your inner pro with our toolkit and live discussions.
We all know the traditional concerns of investors, among which are key statistic like share price, market cap, P/E ratios, revenues, operational expenses, EBITDA, ROI, ROA, ROE, volatility, and a myriad of other pieces of data that, in aggregate, help to paint a picture of future success.
Everyone is amazed by the unparalleled advances in technology that our generation continues to witness, and applauds the impact of those advancements in driving more efficient corporate operations – therefore positively affecting the bottom line. However, advanced technology has also become the preferred tool of corporate espionage. It’s called hacking.
How Big of a Problem is Hacking?
Did you know that “Cyber crime now accounts for half of all crime in the UK?” Whilst we worry about securing our personal identity and information, there is a lot more at stake at the corporate level. Thieves go where the biggest money is. Spies go where the most valuable information is.
The UK’s Data Protection Act regards cyber security as a major threat and requires companies to take “appropriate technical and organisational measures” to protect customers against suffering losses? However, that Act addresses only the protection of our personal data. What about corporate data? The kind that, if stolen, can destroy a company either slowly or overnight.
The U.S. Food and Drug Administration has recently begun to shine a light on the need for cyber security measures to encourage companies under their purview to “monitor and assess cyber security risks…to help fix or address vulnerabilities as quickly as possible.” The FDA has proposed that “medical device manufacturers… take a proactive approach to cyber security management of their medical devices.”
How Big of a Problem is Vulnerability?
A report released today by Cisco (NASDAQ:CSCO) cites a decline in “Defender Confidence” regarding corporate data security. Whilst 64% (less than two-thirds) of corporate security professionals expressed confidence that their security infrastructure was “up to date” in 2014, only 59% expressed the same confidence in 2015. Note that “up to date” is the operative phrase. Illustrating the point,
- An analysis of more than 115,000 Cisco devices showed that 92 percent were running software with known vulnerabilities.
- 31 percent were no longer on the market.
- 8 percent were “end of life.”
- The financial services industry has the highest percentage of devices that had passed their last day of support, at 20 percent.
John Stewart, a vice president of Cisco and its Chief Security and Trust Officer, noted that, “Despite all the hard efforts, there is concern that both the speed at which the technology and capabilities being deployed, and the number of people, qualified individuals to be hired, and the overall approach in the face of an overwhelming number of attacks.”
What Should Investors Do?
Any investor, by virtue of their investment, has a right to know how companies are operating. This applies to how they operate relative to data protection.
Investors should investigate at least these areas of concern:
- Does the company have a Chief Intellectual Property Officer (CIPO) or other similar executive level position?
- What are the responsibilities of the person and position?
- What is the status the corporate data protection infrastructure?
A Caveat
Infrastructure of any kind is traditionally neglected at the executive level because improvements mean more capital expenditure on items that board-level perspectives regard as non-productive expense. The issue, however, is not what it will cost to maintain and upgrade security measures. It is what it will cost if the company does not. Investors, insist on accountability.
