While the story of Kim Kardashian being robbed at gun-point while in Paris, France has created quite a stir in pop culture, it has lessons to learn about cybersecurity as well.
First and foremost, it demonstrates the integral interplay between cybersecurity and physical security and how people need to always maintain situational awareness of how their cyber activities may be giving away critical information about them. This kind of information, gathered bit by bit to paint a full picture, is very valuable to those carefully studying their targets, such as social engineers.
In the following news articles, I explain my thoughts on these issues in further detail:
- The CNN article, Kardashian heist: Police say social media made her a target, quotes me talking about how, for some people and companies, having a very open public social presence is part of their business model and something that they cannot eliminate. By having such an open social media presence, they are necessarily exposing themselves to greater risk and, in such situations, they should realistically evaluate their individual risk profile and ask themselves, “How much risk am I exposing myself to?”
- The Vanity Fair article, How Can Celebrities Stay Safe in the Age of Social Media?, takes this discussion a step further to what you need to do after such an evaluation. Once you honestly assess the level of risk that your business model exposes you to, you then need to ask yourself, “What level of security do I need to implement to match the risk that I’m exposing myself to?” The article explains this in further detail.
Both of these discussions demonstrate something that security professionals have been preaching for a long time: there is no one size fits all solution to security. Everybody is different and every company is different, each having their own unique security risks and each needing their own unique security features to account for that uniqueness.
Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Privacy Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.