We have known for a long time that preventing a cyber-breach is nearly impossible. Unfortunately, many organizations cannot even tell they have been breached until they learn that their, or their customers’, data is purportedly being sold in Dark Web cyber-markets. Buying back data from cyber-criminals is an ethically charged practice.
PayPal is one of many firms that engages in this practice as part of their cyber protection program, according to a recent report in the San Francisco Chronicle. Buying small sets of data purportedly stolen from them helps PayPal to identify larger sets of potentially compromised accounts. Other organizations use bought-back data to identify information repositories that were compromised. It can also help to identify whether the breach was by an insider.
These novel approaches provide further support for a multi-disciplinary approach to cyber-security, with a strong emphasis on information governance. Defensible deletion and business enabling information practices will make sure that you keep only what is necessary, and that you know exactly what you are keeping. Being information-prepared reduces the impact of a breach, and allows for a much faster and less embarrassing response. Who wants to have to admit that they don’t know what was taken, because they didn’t know what they had?