Archives For Sound Bites

Sound bites are a term I use for collecting and memorizing powerful statistics or statements that come from credible sources like The Wall Street Journal.  By themselves, they won’t sell a thing – in fact most technology sales people are guilty of overusing them, or using them with the wrong people.  They have two purposes:

  1. They build credibility when taken from the right sources
  2. They soften cries from IT that the company has everything they need – “We have it covered”, they claim.

When the buyer hears powerful statements from The Wall Street Journal telling them that Visa, MasterCard, and the Pentagon have experienced major attacks and are unable to defend themselves, it is hard to sit there and claim to be in better shape – especially in the small and mid market companies.  In today’s session we explore marketing theory and what it is that actually motivates the buyer to carve out funding for major security projects.  We use the sound bites to accomplish their task, but then move on to more advanced marketing strategies (ones that should be taught in school, but just aren’t).  Here are some of the sound bites sent to me as part of last night’s homework…I thought everyone might benefit from seeing some of these things.  Note:  These are in not particular order, and may not even by the most significant…just a sampling.  Feel free to add more powerful ones if you like.

1. The people in the IT department pose the biggest risks to data security. They can access nearly anything on the network, usually with no one looking over their shoulders. WSJ 4/4/12
2. 56% of those surveyed (WSJ) after financial crimes were committed, said the most serious crimes involved insiders WSJ 4/4/12

3. 53% of respondents indicated IT was involved in serious cyber crimes involving money over the past year 4/4/12 (WSJ)

4. Damage is only just now coming to light in the form of millions of false 2011 income tax returns filed in the names of people currently receiving Social Security benefits – reported by WSJ for Puerto Rico, but not the US – just coming out now!  Cringely Report.

5. Out of 47 attempts last year, hackers managed to penetrate NASA’s computer network 13 times – Ziff Davis  – March 2, 2012

6. Global Payment Inc – shares dropped 9% after disclosing a cyber attack – Reuters.3/30/12 – affected Visa, MasterCard, Amex, and Discover – 10 Million Card holders affected  (all 4 had stock price drops as a result).

6. The Chinese People’s Liberation Army (PLA) runs a very active industrial espionage program because it has the joint mission of ensuring both military and economic security. So when companies from another country attempt to do business with a Chinese company or agency in an important area of technology, the PLA helps give its side an advantage by stealing data from the other side. They use the same targeted cyber-intrusion techniques they use to steal military secrets. They are after the “play books”–the documents that tell what the company is willing to give up and where it will hold the line. That data gives their side an advantage in negotiations. Sometimes, as in the Google case, they just steal the technology they want.  (FBI discussion with SANS – March 2012)

7. Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is “unsustainable.” Computer criminals are simply too talented and defensive measures too weak to stop them WSJ 3/28/12

8. James A. Lewis, a senior fellow on cybersecurity at the Center for Strategic and International Studies,  I think we’ve lost the opening battle [with hackers].” Mr. Lewis said he didn’t believe there was a single secure, unclassified computer network in the U.S.  WSJ  3/28/12

9. 24 Million customers compromised through Sony PlayStation last year, over 100 million on NASDAQ.  WSJ 3/28/12

© 2012, David Stelzl

If your clients think they’re not at risk, check out the following article.  All it takes is an unhappy customer or disgruntled employee and a little creativity online.  You don’t have to be a hacker to steal data.  In the attached article an unhappy mistress heads for the net to destroy families and discredit names.  Remember the House & the Cloud; it’s simple to break in!  Read the link below – it’s an attention grabber and a great sound bite for your next security discussion.

(Thank Tim at NEC – this kind of news underscores how easy it is from an amateur to access sensitive data)

http://www.washingtonpost.com/wp-dyn/content/article/2009/09/06/AR2009090602238.html

More data is under attack than you realize…or at least your prospects realize.  This study shows that corporations are under attack every day.  But as with many of the breaches reported over the past year, it often takes companies a long time to discover the problem.  This comes from SC Magazine, July 16, 2009.  Learn the sound bites and use them.

  • 92 percent of respondents said that their company’s data has been attacked in the past six months.
  • CEOs are often more confident about their organization’s ability to prevent data breaches than are other executives
  • CEOs are likely more optimistic about their organization’s struggle to protect data because they have passed off those responsibilities to others
  • Part of the disparity in perception also may arise because employees do not always give CEOs the whole story of what is going on with respect to data loss

Two take-aways from this study are: Most companies really are under attack whether they realize it or not, and senior management is usually the last to know, making it harder to get budget approval.  Getting to the asset owners, people with liability, is a critical part of the security sales process.  Without their support, IT will continue to say, “We’ve got it covered”.  After all, their reputation is at stake.

Read more at: http://www.scmagazineus.com/Report-Data-attacks-more-frequent-than-CEOs-think/article/140117/?DCMP=EMC-SCUS_Newswire

Several have asked me where these numbers come from.  Over the past three years growth has been exponential – numbers vary, but as long as sound references exist, we can use these numbers to substantiate business opportunities that lead to greater data security.  Here is a quick summary:

$67.2 Billion – The money section of USA Today, Thursday October 12, 2006 – according to FBI projections

$105 Billion – McAfee CEO, David DeWalt – September 17, 2007 iTnews report

$1 Trillion – “Now, the FBI reports that, for the first time ever, revenues from Cybercrime have exceeded drug trafficking as the most lucrative illegal global business, estimated at reaping in more than 1 Trillion annually in illegal profits.” – CRN 10/13/08… in an article entitled, The New Face of Cybercrime.  Read the entire article at http://www.crn.com/security/210800781

One of my clients recently sent me this article (see link below).  Stolen ID information is fast becoming a commodity.  The days of large organized crime syndicates being the only profiteers is over; they’ve moved on to larger more lucrative cybercrime schemes.  Read about how easy it is to get into the business!

…A keystroke logger might run you $23, a host for your phishing scheme $10.  If you want a botnet, it will cost you $225.  Want a tool to crack bank security using a known vulnerability?  It will cost an average of $740, and could cost you as much as $3,000 for a good one.  However, for both the buyer and the seller, the reward for online crime is proving to be equally lucrative…

For the rest of the story – http://www.insidetech.com/news/articles/3525-symantec-study-online-crooks-make-good-money?referral=IT_nlet_20081203