What LinkedIn’s security breach tells us

It’s a rule of law that the mightier you are the harder the fall will be, which is to say in this 24/7 age of interconnectivity, wired-up to the internet every single second of the day, with everyone effectively an IT practitioner, any shortcomings, big or small, will be most visible.

When the professional social networking site LinkedIn was revealed to have experienced a network security breach, resulting in millions of users’ passwords being uploaded to a website, the online world and media outlets from around the globe went into heated discussion.

Now while LinkedIn isn’t unique in being targeted by cyber criminals, a lot of criticism towards the popular company – it has approximately 161 million users – is justified in the sense that a lot of weaknesses and vulnerabilities have been identified.

One would expect a big company to have a seriously robust system of security, but something has clearly gone amiss. However, it would be too easy to say that this is the product of the fact it has no chief information officer, someone who has the skill, tact and knowledge to “beef up” and monitor security.

That’s because it does have a security team, a world-class one in fact, as its director Vicente Silveira was keen to articulate. This typified by experts like Ganesh Krishan, the former vice president and chief information security officer at Yahoo! and David Henke, senior vice president of operations, who oversees all areas of this.

LinkedIn wasn’t the only one being hit – eHarmony and Last.fm were also targeted. In January of this year it was reported that Facebook, the giant of social media networks, had been breached, with 45,000 passwords being stolen. Hackers had deployed a ramnit worm.

As the Financial Times noted recently, cyber criminals are preying on social networks – it’s the new playground so to speak. The significance of the LinkedIn story is the scale of it. When you get into the millions you know you’re into unchartered territory.

One of the reasons for the shift, explained Graham Cluley, senior technology at the security research firm Sophos, is that the anti-spam features on these websites are “nowhere as mature as places like Hotmail and Gmail”.

Furthermore, the openness of such websites, in terms of sharing information, developing applications and becoming friends – as a status thing (the more people you have, the more “popular” you are) and a strategic thing (the more reach you have, the more exposure you have to services and products) – makes them more culpable of been breached.

No doubt that the likes of Facebook, Twitter, LinkedIn and new kid on the block Pinterest will be evaluating their policies and considering how they respond to this new era. They owe it to the collective millions of users who give them the very digital air they need to breathe to ensure that they are safe and protected. If not, users will walk away, and then where will they be?

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001

Thanks

Success

Thanks

Success

Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?

Register

Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you

Success

Thank you for successfully uploading your CV.

Acumin Alerts

Success

Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.

Vacancy

Success

Thank you for submitting your vacancy.

Register

Create an account to register your contact details, sign up for job alerts and upload your CV

Success

Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management
- CISO/CSO

Submit a Vacancy

Use the form below to submit a vacancy