Davos executives see data theft as too costly, too hard to beat

DAVOS, Switzerland Fri Jan 24, 2014 9:44am EST

1 of 3. A Target employee returns carts to the store in Falls Church, Virginia May 14, 2012.

Credit: Reuters/Kevin Lamarque

Related Topics

DAVOS, Switzerland (Reuters) - Fighting online data fraudsters is almost impossible as their ability to hack into new technology often outpaces companies efforts to protect it, senior businessmen and bankers gathering for the World Economic Forum (WEF) said.

The mammoth data breach at U.S. No. 3 retailer Target (TGT.N) has made executives even more aware of the need to improve safety standards, but the cost is often prohibitive.

"It's next to impossible to stop data leakage. It's a constant battle. You can't beat it completely," IT company Wipro (WIPR.NS) Chief Executive TK Kurien told Reuters, calling the hunt for increasingly valuable information "modern piracy".

While losses on complex derivatives transactions could punch a big hole in a banks' balance sheet or even compromise its stability, the potential losses resulting from the theft of retail customers' data are often minimal.

"Secure networks like clean pipes are expensive. You can use them for intellectual property but not for everything," Wipro's Kurien said.

With the rapid uptake of technology and hyperconnectivity both for personal and business reasons, people put privacy as their biggest concern with security ranking second, according to an international survey conducted for Microsoft (MSFT.O) and made public in Davos on Friday.

The more personal information is shared online, the more difficult the battle against fraud becomes, an issue that was already live following the NSA surveillance scandal.

Israeli Prime Minister Benjamin Netanyahu waded into the debate at Davos by championing the know-how of Israeli technology companies. With the government investing heavily in the area, Israel intended to become one of the top three countries for cyber-security, he said.

The WEF's annual global risks report, released this week, focused on the worst-case scenario of a chronic breakdown of security, or so-called "cybergeddon", where hackers would gain the upper hand on legitimate users and major disruptions would become commonplace.

That eventuality is viewed by the WEF as a distant risk but there is no doubt that confidence is eroding following episodes like Target, which resulted in the theft which included about 40 million credit card and debit card records.

"Trust in the Internet is declining as a result of data misuse, hacking and privacy intrusion," said Axel Lehmann, Chief Risk Officer at Zurich Insurance Group (ZURN.VX).

The Target data breach, a major talking point in the Swiss Alps, triggered a flurry of customer inquiries, reputation.com CEO Michael Fertik, a U.S. digital pioneer who helps 1.6 million customers to protect their digital identities.

"We had lots of sign-up after the Target scandal," he said.

The incident has also put a spotlight on America's card system, which does not rely on the sort of chip and PIN technology that has been in place in Europe for years.

"Putting a chip in a card would make it much more secure. It's an organizational problem," a senior executive at a technology multinational said. "There is always going to be something more technologically advanced, but we could do things a lot better."

Bankers and businessmen say the historically low fraud rate in the United States has not encouraged banks and other financial operators to engage in what would be an expensive upgrade of the U.S. card system.

"It's a trade-off of what it is worth," a senior American banker said.

(Additional reporting by Ben Hirschler and Paul Taylor; Editing by Louise Ireland)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (6)
baroque-quest wrote:
“The mammoth data breach at U.S. No. 3 retailer Target (TGT.N) has made executives even more aware of the need to improve safety standards, but the cost is often prohibitive.”

Over the past few years, the Target CEO has made, on average, a little more than $20 million per year. So the cost of securing his business is “prohibitive” yet Target finds the largesse to allow its corporate executives and board members to roll in dough?

Jan 24, 2014 2:55pm EST  --  Report as abuse
UScitizentoo wrote:
> Wipro’s Kurien
This guy sells cheap incompetent Indian IT labor by thousands of H1-B visas to displace American workers. Bank with him and you will get what security you pay for. If you want security find a securoty expert and design your network for security not because it’s cheaper. Target is now finding out that cheap labor maybe isn’t the best strategy.
And regarding security architecture, I can in one paragraph tell you exactly how to secure your data, but few IT shops are managed to be designed for data security. They are typically designed by low priced talent doing the same thing as the other guy. Caveat Emptor.

Jan 24, 2014 3:21pm EST  --  Report as abuse
agular17 wrote:

Jan 25, 2014 1:21pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.