Page 68 - Cyber Defense eMagazine January 2023
P. 68
Does Your Company Have a Dark Data Problem?
By Dannie Combs, SVP and Chief Information Security Officer, Donnelley Financial Solutions
(DFIN)
Don’t let the name fool you: dark data is all too visible — to bad actors, that is.
Dark data is information that a company stores but doesn’t need any longer. Businesses are often
surprised by just how much of this data they have squirreled away in their computer systems — on
laptops, file servers, smartphones and in suppliers’ systems as well.
It consists of everything from ex-employee files, outdated customer records, phone numbers and email
addresses to credit card numbers, SSNs, healthcare records and even old security videos.
Companies often treat this information like they would old boxes in the attic — something they’ll deal with
“tomorrow”, if ever. That’s a mistake. Dark data is extremely valuable to cyber criminals, who will go to
great lengths to steal it for a variety of disreputable purposes. They might sell it, use it to perpetrate
financial fraud, even commit blackmail. And when they do, your company could suffer substantial
reputational damage and even be subject to legal liabilities.
There is evidence that businesses are beginning to realize the dangers. According to DFIN’s new report
— Understanding Risk: The Dark Side of Data — nearly 70 percent of enterprise leaders surveyed said
that storing detailed information presents more risk than value to the overall enterprise. And more than
half — 53% — of combined IT and C-Level respondents said dark data is an extremely pressing issue.
Enterprise leaders must identify dark data and decide whether to store it, protect it, or purge it. A few tips:
Cyber Defense eMagazine – January 2023 Edition 68
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.