Lately, the craze for the Blockchain phenomenon reveals the concerns surrounding data security. Blockchain technology is known for its tamper-proof nature. In a world where the amount of data continues to grow, along with its transmission, cybersecurity has become a real issue for society. Companies are in the front line, especially with the development of telecommuting. Indeed, multiple risks weigh on them with consequences that can be disastrous. According to a study, 67% of companies have suffered a hacking of their data. These events have direct and indirect consequences on the functioning of companies.
1. What is data security and data integrity?
The terms data security and data integrity are often confused. However, they refer to very different realities. However, these notions are difficult to define since their meaning depends on the field in which they are used. Thus, from a legal point of view, data security refers to the power to guarantee confidentiality. Integrity refers to the power to guarantee their authenticity. In IT, security refers to all the measures taken to prevent data corruption. Integrity refers to the methods and processes that allow both the physical and logical protection of a database.
2. The main security and integrity risks
A- MATERIAL RISKS AND COMPUTER FAILURES
If computer semantics refers to the lexical field of the immaterial (Cloud, digital, dematerialized, etc.), it must be recognized that the storage and transfer of data require physical media, whether it be a server, a hard disk or a computer. Also, a flood, a fire or a voluntary destruction of these material supports is likely to cause computer failures. Theft or sabotage of hardware or software is also a risk factor to consider.
B- HUMAN ERRORS
The danger does not always come from outside, as illustrated by the unfortunate adventure experienced by a multinational drug company. During the implementation of a new software, a bug occurred which prevented access to the company’s data for several months, resulting in the loss of 78% of its turnover. Human errors are therefore a significant risk factor. These human errors, impacting the security and integrity of the data, can also concern data entry, transmission or use. They can also be errors in the design of software or in its operation.
C- HACKING
Hacking” or computer piracy has been democratized on the Web. Cyber attacks have become a daily occurrence for companies and take various forms. The introduction of a “malware” or malicious software within the company’s systems is commonplace. There are different types of malware with different purposes. Spyware exploits security flaws and is used to monitor the company’s activity or to steal financial or personal information. Ransomware is software that encrypts company data and requires payment of a sum of money to decrypt it. Hackers or hackers also penetrate through other means than computers, given the interconnection of devices. To this, we must add the “denial of service”, a process that aims to make a website unavailable, by saturating the network or server, or duplication, which is to replace the homepage of the official site by a clone site, through which sensitive information is collected. This is the main security and data integrity threat that CISOs need to consider.
However, the list of malicious processes is limited only by the hacker’s imagination. This is why CISOs must give a fundamental place to data security and integrity, especially since the law imposes a security obligation on the person responsible for the file, and therefore the company.
