Mazars logo Mazars logo Mazars logo The Ledger

Covering up your digital footprint: expert interview

September 3, 2020

TO MARK THE LAUNCH OF “OPEN SOURCE INTELLIGENCE BENCHMARK 2020” FROM MAZARS, NETHERLANDS, WE SPOKE TO ITS AUTHORS, JAN MATTO AND RANDHIR SEWNARAIN, ABOUT STAYING SAFE ONLINE, THE INFORMATION WE UNINTENTIONALLY LEAVE BEHIND, AND WINNING THE ATTENTION OF BOARDS IN ORDER TO MAKE IT IMPROVEMENTS.

 

Could you tell me about the report and its findings? Why did you publish it?

Jan Matto, Partner, Mazars

We do a lot of cybersecurity work for our clients and many are unaware of how much information about them is freely available on the internet, waiting to be used by cybercriminals. What began as something we would offer for free to charities expanded into a service that shows businesses what is out there – sometimes including their security information and confidential documents. The report uses publicly available information to show the digital footprint that organisations leave behind and why it needs to be better covered.

Randhir Sewnarain, Cybersecurity specialist, Mazars

As many organisations use third party service providers, control is lost over their data. The purpose of the report is to leave the reader asking, do I want that information to be publicly available? For example, we found passwords that are linked to people’s business accounts that can also be used to log into their social media. Similarly, when organisations develop software, they unknowingly allow the source code to be public, which someone could use to access the security settings and infrastructure. It’s understandable that teams outsource IT, but they should not outsource their security with it.

The report reveals many organizations are not safe online, why is that?

JM

There are a couple of reasons. The first is that issues related to the public space of the internet often fall outside of typical processes, so they can be left with no one directly responsible for them. Secondly, when you outsource your internet operations to several providers, responsibility falls through the cracks. The life-cycle of an internet domain is typically longer than any single IT manager. If an internet domain is not managed and its existence is forgotten, data will not be adequately managed over the long term.

RS

One of the biggest problems is budget – lots of IT managers may know about cybersecurity and digital footprint issues but they don’t have the resources to solve them. And that is linked to a lack of awareness – if business leaders don’t know or appreciate the risks then it’s hard to build the processes to deal with them. This is one of the main reasons we published the report – to raise awareness at all levels of an organization.




Related posts



CHALLENGE Client had recently acquired three companies and needed an integration leader and a playbook to guide current


CHALLENGE Client needed M&A strategy, integration leadership, and a plan to drive technical enablement of the new acquisition.


CHALLENGE A heavily regulated biopharmaceutical client required an integration of disparate global governance systems. Existing challenges included: Need