Yet there is a hidden threat to this digital future: It's not some cyberattack, but the loss of consumer confidence in the online experience. If consumers don't believe that their critical information is protected from irreparable damage or unauthorized access, they won't continue to embrace the digital lifestyle. And that won't just hurt the digital economy, but the economy as a whole.
To be sure, we've made huge strides in addressing the problem of large-scale, fast-moving viruses and worms. From 2002 to 2004, there were almost 100 attacks of this kind; last year there were only six.
But those were yesterday's problems. Today, we face a bigger challenge: skillfully socially engineered attacks that are highly targeted, designed to take advantage of end users' naivete and steal their personal information for serious financial gain. Every day, as many as 150 million phishing e-mails are launched. Data breaches last year exposed more than 55 million Americans to possible identity theft, and those who were affected collectively lost $680 million last year and together spent 300 million hours trying to repair the damage.
In response, consumers are beginning to rethink what they do online. According to a survey of 10,000 households conducted by the Conference Board, 41 percent are purchasing less online because of security concerns, and 54 percent are more concerned today about the security of their personal information online than a year ago.
If we want this digital world to thrive, we can't allow trust to continue to erode. Instead, we must move past the protect-the-PC mentality and focus on protecting information--as it's created, transmitted and stored--and protecting the relationships, or digital interactions, that underpin the online world.
If enterprises want to continue to grow, they must take it upon themselves to take the risk out of the digital world for the consumer. With consumers accessing critical business applications, enterprises need to ensure that customers meet some minimum security requirements before connecting to their networks. An endpoint solution enables enterprises to provide on-the-fly protection to consumers, creating a safe environment from which they can interact with the enterprise. Solutions such as these will give consumers confidence that their information is protected from malicious intent and theft, and will also protect the enterprise's brand and the company's relationships with its customers.
Second, industries must join together to create a trusted community. That requires a process in which businesses can authenticate themselves and customers, in turn, can be confident that "they are they." In addition, a trusted community also entails a way to search the online world safely. How many times have you conducted a search and not recognized the site that comes up? All you can do is click and hope that your information will not be at risk. What we need is process that will check a site's safety and security ahead of time, and confirm its credibility right there in the search results.
Finally, we need to push for a series of policy changes that will protect privacy and protect critical information. That means passing a national data-breach law that requires consumer notification and includes tough enforcement policies. Similarly, when it comes to protecting privacy, we can't move forward with a piecemeal approach. Instead, we need comprehensive federal privacy legislation.
Whether it's helping to craft new legislation or creating innovative technology solutions, the challenge before every business leader is great. The future of the digital lifestyle and digital economy is in our hands-?not just the security companies', but those of every enterprise that relies on the digital world for its operations and growth. By joining together to make information assurance a top priority we can build trust, create confidence, and enable millions of people to safely enjoy the convenience, the power, and the possibilities of the digital world.