10 May 2015

Metadata: Evidence of Terrorism vs. Crime...

What are the enterprise risks when metadata is legally defined as property?  Operational Risk Management (ORM) professionals are on high alert these days.  The court systems within the EU and now the United States, are building new cases and establishing new arguments.

As a steward of data and providing oversight on the transparency of how information is tagged, sorted, stored and archived, the ORM professional is right in the middle of the debate.  Metadata relevance is known to those who have been practicing the science and art of digital forensics for years.

Does your organization issue corporate devices for use in the workplace or on the job?  What transparency was provided when the digital device was issued on the use and ownership of the data associated with the device?  How many pages is the "Acceptable Use Policy" at your organization?

These policies on Mobile Device Management (MDM) or Bring Your Own Device (BYOD) are not new, yet they are still evolving.  This is because the technology innovation is so far advanced than the current legal precedence or court rulings.  The law will always catch up to technology and now the law is getting to an important milestone.

This however does not change how our adversaries are operating.  The current environment over the relevance of data, or who owns the metadata on our mobile devices, will not change the appetite for those who seek the data or exploit systems to cause failure or destruction.  If all of the laws in our land would stop crime or malicious intent in its tracks, then we could eliminate the entire legal enforcement structure.

The General Counsel and the outside legal teams at your organization are already working to reduce the risk of adverse litigation by employees, partners and customers.  The Chief Privacy Officers (CPO) and Chief Information Security Officers (CISO) are working 24/7 in tandem to operate legally and to insure the confidentiality, integrity and assurance of metadata across the globe.  Unfortunately they operate in an environment that involves humans, using digital devices.

The legal frameworks are quickly responding to the rising digital crime rate across the globe.  They are weary of the "Asymmetric Warfare" being waged by nation states.  Plaintiff lawyers are now preparing their new privacy and data breach cases on a weekly basis.  Organizations are seeking avenues of "Safe Harbor" by using certain products inside their infrastructure.  Yet will this all stem the tide of what weapons the adversaries are deploying, to perpetuate their business or espionage models?

This brings us to a prediction.  We predict the rise of metadata evidence that proves that organizations are the victims of cyber-terrorism, not cyber-crime.  Terrorism not fraud.  And now the courts and the jury pools will now decide what metadata is evidence and what the definition is of "Terrorism" in the cyber realm.  Marketing is a powerful engine to influence buyers.  Buyer beware:
"Last week, the Department of Homeland Security (DHS) certified FireEye under the SAFETY Act, providing their customers protection from lawsuits or claims alleging that the products failed to prevent an act of cyber-terrorism.
The news of the certification was reported by FireEye in a press release, and stipulates that FireEye’s Multi-Vector Virtual Execution engine and Dynamic Threat Intelligence platform are the two products now on the SAFETY Act approved technologies list."
"The core of this is something we’ve been debating for a while: the definition of terrorism, and whether or not it can apply to cyber-stuffs. The end result looks like a legal get-out-of-jail-free card for businesses that use FireEye, but for that to actually happen, it seems like we’d need a computer-related incident or breach to actually be declared an official 'Act of Terrorism' by the US government."

No comments:

Post a Comment