It’s called influence manipulation. And, as data scientist Joseph Turian said during a presentation at the O’Reilly Strata conference on Wednesday, “It’s a pretty serious issue and it’s also pretty hard to catch.” (Turian will also be moderating a panel on next-generation databases at our Structure: Data conference in New York next month, but I’m sure he’ll gladly talk black-hat data science if you catch him in the hall.)

Joseph Turian at GigaOM RoadMap 2012 (c) 2012 Pinar Ozger pinar@pinarozger.com

It’s hard to catch because influence manipulation, which Turian also calls black-hat data science, is really just white-hat (or good) data science techniques inversed and pointed toward a nefarious purpose. So, whereas as white-hat data scientists try to uncover unnatural networks of links created to game Google’s PageRank algorithm, Turian explained, black hats will try to build artificial networks so good they look real. If someone wants to send lots and lots of undetectable spam, it’s just a matter of analyzing enough language to create messages that look less like a machine wrote them and more like a stupid human wrote them — because most spam filters try not to penalize users who just don’t write well.

During a one-on-one conversation later in the day, Turian told me he did a lot of work on language modeling as part of his Ph.D. work, and that the same techniques used for language evaluation — something like sentiment analysis, for example — can also be used for language generation. Marketing startups such as DataPop and BloomReach are already using some presumably similar techniques to create personalized online ads and web pages on the fly.

Does evil lurk among our data scientists?

Not evil. Source: hilarymason.com

But are there actually so-called black-hat data scientists among us, using their mastery of statistics to influence our opinions or make us buy Cialis? Turian quoted Bit.ly data scientist Hilary Mason, who he said asks of all her work, “What’s the most evil thing that can be done with this?” We can assume she’s just trying to avoid a mini-Sarah Winchester situation, but others might not be so ethical. (Turian already classifies as “gray hat” certain well-known companies that play fast and loose with user data.)

After all, Turian noted in his presentation, Greylock’s D.J. Patil has called being a data scientist the sexiest job of the 21st century, comparing it with Wall Street quants in the 1980s. And where there’s opportunity, there will always be people trying to cash in on it by any means necessary. Real-life Gordon Gekkos came to make quants almost universally reviled, and a few bad apples could certainly find their way into the data science bunch.

Turian assured me he isn’t one of them. “[I]f I did [this] I’d be riding around in a Rolls Royce,” he joked during our hallway conversation.

Define “good enough”

Maybe, maybe not. If all you’re trying to do is improve search rankings, mediocre bots might work in the same way that “legit” content-generation services like Chirpsy and Servio work, he noted. Marketers don’t necessarily care how good a tweet or article is as long as it’s positive and says their company’s name a lot.

But in order to be successful in the world of online influence manipulation, fake personas and their messages have to be really good. Lutz Finger, co-founder of Fisheye Analytics, laid out some interesting statistics during another conference talk that highlight how difficult it is to really influence someone. According to the studies he cited, 7 percent of people’s twitter followers are actually spambots; 30 percent of social media users are deceived by spambots and chatbots; and 20 percent of social media users accept friend requests from unknown people, 51 percent of which are not human.

Presently, though, the charlatans are not very good. Finger said that when it comes to “astroturfing” — the practice of creating fake grassroots movements to influence opinions — the hit ratio on email spams is about 12.5 million to 1. In order to create an astroturf movement on the scale of the anti-SOPA movement in 2011, every person on earth would have to receive the same spam message 8 times. The number might be even higher on an already-noisy platform like Twitter.

That, he noted, makes spambot @peace_karen25′s (a now defunct spambot) 10,000 pre-election tweets seem pretty inconsequential.

However, he explained, spammers are getting smarter and are working on some of the black-hat data science techniques that Turian warns about. Next-generation bots will be better at gaining trust (attractive females with familiar names are most likely to have their fake friend requests accepted), and they’ll act more real by mixing improved chatbot technologies and analytics to figure out how people speak and what to say in what circumstances. Once they have your trust, these bots can make introductions to more bots and people will be more likely to accept those requests, too.

Even if it’s difficult to change someone’s mind on issues like global warming or politics, Finger said well-timed messages could affect individual decisions. At the time someone is ready to buy something on Amazon.com, for example, he’s open to messages about that product, perhaps in the form of product reviews. Maybe someone waiting in line at the polling place and still sitting on the fence is open to suggestions, too.

And it’s possible the bar to convincing people — especially teens — to act really isn’t that high at all. In his talk, Turian highlighted teenage social media maven Acacia Brinley Clark and her single tweet that led to an app called Pheed becoming one of the most-downloaded apps in Apple’s App Store last week. After reading the rest of her Twitter feed, he said, (only half-jokingly, I think) it took quite a bit of research to convince him she’s a real person.

Her 120,000-plus followers don’t seem to share the skepticism, but they certainly seem willing to follow her lead.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Connected world: the consumer technology revolution
• Why the next front in big data might be psychological
• Listening platforms: finding the value in social media data

Here are seven big data-inspired approaches to security that have piqued my interest lately. I know I’m leaving out a lot of other approaches and companies, so please fill in the blanks in the comments section.

Prioritizing threats

Software-as-a-Service security startup Risk I/O announced $5.25 million in venture capital funding on Tuesday, based in large part on its ability to simplify security administrators’ lives by telling them which vulnerabilities are best fixed now and which can wait a bit. Co-founder and CEO Ed Bellis first recognized the problem of information overload while serving as CISO at Orbitz, where he told me he was subsumed by the noise of dozens of products spitting out information on untold numbers of vulnerabilities, all in different formats and all without any guidance on what to do next.

And the problem is only getting worse as companies grow and inevitably roll out or acquire new security products along the way. “Nothing ever dies,” Bellis said, “it’s just one more thing you end up having to support.”

Risk IO tackles this complexity by taking in the data from all of a company’s security applications and analyzing the context around the threats they’ve discovered. (And because it’s a SaaS offering, Bellis said Risk IO can easily include crowdsource threat analysis to include intelligence gleaned from its 400-plus enterprise customers.) Once the data is analyzed, Risk I/O tells users which vulnerabilities they need to tackle immediately, basing its recommendations on many criteria, including how exposed a vulnerability is, whether there’s an exploit published somewhere online and how often other companies are getting burned by it.

Really, Bellis said, the goal is to let users sleep relatively easy knowing that of the 10 million vulnerabilities their system might have, perhaps only 50 or 60 are likely to result in a breach. “We’re here to help organizations make much better security decisions,” he said. “… They can’t fix everything and not everything needs to be fixed.”

Letting admins play C.S.I.

Sourcefire’s FireAMP product does detect malware, but it’s real magic comes into play when it’s time to do forensics. A cloud-based backend takes care of all that heavy lifting around processing, while security personnel can work their way through the data to determine everything from how a piece of malware moved through the system to whether the behavior or certain employees or departments is unduly exposing the company to attacks. This type of analysis lets a company identify the causes of attacks rather than just treating the symptoms, Sourcefire’s Zulfikar Ramzan told me in January.

Stopping crime in its tracks

For Silver Tail Systems, a four-year-old company that EMC purchased earlier this month, the focus is on building always-learning behavioral models for web visitors that let customers identify and thwart attacks as they’re happening. When its software spots activity from an untrusted source or that’s deviating too far from the norm for a given IP address, it can flag security personnel who can then respond as they see fit or it can just deny access outright. If there’s a question about a visitor is real or a bot, Silver Tail can deploy a CAPTCHA or other test to try validate its humanity.

Visualizing threats

PacketLoop is a security startup that was clearly born in the age of big data. The company touts its Hadoop- and NoSQL-based platform for its ability to store and process many terabytes of network packet data, and it’s all about presenting the results via visualizations that tell a story. From a functionality perspective, the company claims its big data architecture allows it to analyze every single packet every time its intrusion detection systems are updated, meaning its always on the lookout for nefarious activity, even in historical data.

Keeping BYOD in check

Tenable Network Security performs a lot of network security tasks for its customers, although one capability that recently caught sole investor Accel Partners’ eye — to the tune of $50 million — is its ability to identify in great detail the mobile devices on the corporate network. Tenable’s Nessus software can determine how many mobile devices are on their networks and just about everything about them — serial number, model, OS version, whether it’s jailbroken, when it last connected to the network, you name it.

As Tenable Founder and CEO Ron Gula told me at the time of its funding in September, “People say BYOD, but it’s really connect your own device to the network.” And when they’re doing that from any number of coffee shops and hotels across the country, it’s important to know who’s who and that they’re not bringing any hangers-on with them. A jailbroken phone that hasn’t had a software update in three years? Well, someone might want to address that.

Opening the data — lots of it

CloudFlare is a pretty impressive company, if only because of the sheer amount of data it collects trying to improve performance and security for the more than 500,000 websites that use its service. According to Founder and CEO Matthew Prince, the company handles between 75 billion and 80 billion pageviews a month, and its database now includes about 650 million IP addresses. Cloudflare’s system ingests 20GB of log data per minute, and the company is currently in the process of building a 20-petabyte cluster to store all that data (the fraction it retains) using its custom-built file system.

All that data means CloudFlare’s behavioral models are very good at detecting malware and bot activity, and it will only get better as more data gets added to the system, Prince said. And thanks to the service’s distributed architecture, the company claims it can fend off even large, persistent DDoS attacks without its users feeling a thing. But the company’s biggest contribution to the security space might be yet to come.

Prince said he’s on a mission to open up the company’s stockpiles of data on malicious traffic with the intent of letting even small companies get in on large-scale data sharing like large web companies already do among themselves. The bad guys share data like crazy, he said, and “only through coordinated efforts are the good guys going to be able to win. … Any individual site can only be as secure as the lens through which it sees.” CloudFlare’s data could help many companies open their apertures.

Of course, there are some complicating factors to Prince’s plan, including the possibility that cybercriminals would be able to learn from the data to further their own efforts. Even some of Prince’s colleagues don’t think widely releasing the company’s data is such a good idea without some serious thought into how to do so ethically and securely. So for now he’s going to start small by publishing a blog post identifying the global networks most often involved in DDoS attacks, although, he noted, “I could do down to the machine level.”

Playing petri dish

Although Bromium’s technology isn’t inherently data-centric (it’s more about using a novel approach to virtualization to isolate untrusted processes), the company is starting to let users capture some very interesting data. Similar in theory, if not architecture, to the virtual sandboxes that companies such as Palo Alto Networks employ at the network level, Bromium’s new Live Attack Visualization & Analysis (LAVA) feature lets malware run its course within an insulated micro-VM so security analysts can see how it plays out and what it’s trying to accomplish.

During a recent call, Bromium’s chief security architect, Rahul Kashyap, said LAVA could helps these analysts hone their definitions of what’s actually malware and what’s not. Whereas many network, web and endpoint security services gather lots of data about suspected malware activity from across their user bases (like, nearly everyone mentioned in this post), the log files and signatures they generally collect might not provide enough evidence to completely eliminate false positives. LAVA, he explained, gives analysts the ability to eliminate the doubt around whether something is malicious — even undocumented zero-day attacks — because they can watch it watch it run its course in the safety of the micro-VM like a biologist watches bacteria in a petri dish.

Feature image courtesy of Shutterstock user mkabakov.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• A near-term outlook for big data
• Why service providers matter for the future of big data
• Dissecting the data: 5 issues for our digital future

Their method, according to an abstract of a paper just published in Physical Review Letters, is ideal for situations where there is relatively little data to work with, and is “based on the principles used by telecommunication towers to pinpoint cell phone users.” Essentially, the algorithm starts by looking at a small collection of points within a network and working back from there to determine the origin, kind of like how investigators can zero in on a cell phone’s location using triangulation. The more connections, or observers, a particular point has, the fewer that are needed to track down the source point.

Tracking a cholera outbreak that spread over a river network.

Aside from tracking the spread of web rumors, the team also successfully tested the algorithm against a cholera outbreak in South Africa (analyzing its spread across both water and human networks) and the 9/11 attacks in the United States. Both times, it was able to identify the sources (among a small list of possibilities, at least) using only a fraction of the publicly available data on those events. Thankfully for Vanilla Ice and others concerned with the spread of information over the web, Pinto’s system has an easier time with that type of data because it’s usually time-stamped, which makes it easier to figure out who was “infected” first.

In an article from Ecole Polytechnique Fédérale de Lausanne describing the research, Pinto explains that his team’s method could also be used for everything from identifying the source of a computer virus to determining the blogs most likely to make web content go viral to preventing the spread of an epidemic or chemical attack by learning how it’s spreading.

With so much research coming out to analyze data around crime, disease and other perils, it will be interesting to see the results when the work makes it way out of the lab and into the real world. Death rumors on social media are often times just good fun, but using data science to stop the spread of an epidemic would really be something. Hopefully, public health, law enforcement and other officials are keeping up with the tools now at their disposal.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• A near-term outlook for big data
• NewNet Q4: Platform mania and social commerce shakeout
• NewNet Q4: Platform mania and social commerce shakeout

1. Be smart about passwords and security questions.

Ideally, passwords and usernames should be unique for each service so a breach at one doesn’t result in carte blanche access to the rest of your accounts (if the LinkedIn breach didn’t beat the practice into our collective head, nothing will). Passwords also should be obscure enough that someone won’t be able to guess them if they know a few factoids about the target. And complex helps too: interspersing numbers, symbols and upper-case letters makes it harder to guess even if someone gets the phrase right.

When it comes to security questions, don’t choose answers that are readily available online. If you have a really good memory (or are already good at keeping track of numerous passwords and usernames), choose non-sensical answers to the questions. Your mother’s maiden name: Thomas & Friends, for example.

2. When possible, encrypt

Essentially, encryption software will scramble information and make it unreadable to anybody without the password to decrypt it (or the determination to crack it). However, like anything that make us more secure, it requires some effort on the user’s part. At the least, that means remembering the password for services (such as FileVault on Mac devices) that offer encryption as a standard feature, because losing it might mean losing access to data when it’s needed. For true security in the cloud, though, client-side encryption is probably the best idea, which means finding, possibly paying for and, most importantly, actually using third-party software.

3. Use two-factor authentication

AWS’s Multi-Factor Authentication device

Two-factor authentication means logging in requires both username and password, and a unique code sent at that time to a device the user has on his or her person. For Google accounts, for example, that’s usually via an SMS message to a mobile phone although it can be an app, as well. For some banks (as well as for Amazon Web Services) that can be a device designed especially for the purpose. It can be a pain to always look to another device while logging in, and those without their devices can be out of luck or in for a hassle if they need access, but it’s a pretty effective method even if someone gets your password.

4. If you need it, back it up

It’s kind of strange how cloud services have become so prolific we’re now talking about backing up data locally. Irony aside, however, it’s about the smartest thing someone can do to make sure they always have their important data. External hard drives are relatively cheap, as are third-party cloud services designed specifically for backing up data, so there’s really no excuse not to have multiple copies of files. For whatever it’s worth, Google even lets users download certain account information, which could ensure you never lose Gmail data.

5. Delete it when it’s done

In an era of seemingly limitless online storage, it can be hard to come to terms with the idea that e-mail messages or files might outlive their importance. But to ensure no one sees potentially damaging information — such as salacious messages, messages including personal information such as credit card or Social Security numbers, or username/password reminders for online accounts — it’s smart to delete some stuff sometimes. If messages or other files really must exist ad infinitum, though, back them up (and maybe encrypt them) before deleting them.

6. Don’t be a dummy

Just generally, be smart when doing stuff online. Use antivirus software to help prevent malware (such as keystroke loggers) that could help someone access account information. Keep your Wi-Fi network locked down; maybe don’t even broadcast it. Don’t click on links or open attachments in suspicious e-mail messages, even when they’re from companies with which you do business. If you end up on a site that looks sketchy and has a .ru domain, leave. Don’t go to Black Hat and send anything remotely important over the Wi-Fi network. You get the point.

Dunce image courtesy of Shutterstock user RTImages.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• The rise of M2M security challenges
• Quality of the cloud: best practices for ISVs
• The role of converged infrastructure in the data center

But it’s not the first time a single day has been connected with disaster for the Web. For your pre-doomsday pleasure, here are five more…

March 26, 1999
One of the very first email viruses, Melissa quickly spread around the world on March 26, 1999, causing tens of millions of dollars in damage. So the story goes, the virus was named for an exotic dancer with whom the creator of the virus, David L. Smith, was obsessed. Ultimately, the amount of damage it caused was minimal, but it led several large companies to shut down their Internet connections to the rest of the world.

January 1, 2000
More than $300 billion was reportedly spent in preparation for the anticipated Y2K calamity. Articles, books and TV reports buzzed on about how to survive the “millenium bug.” But January 1, 2000, went by with barely a peep. As the Chicago Tribune wrote at the time: “Y2K bug is an old acquaintance most would like to forget.“

May 4, 2000
By the time the “I Love You” virus (or the “Love Bug”) circled the globe, it had infected 55 million computers and caused billions of dollars in damage. According to security software company Symantec (which gave the virus the No. 1 spot on its list of top viruses a few years ago), the CIA and the British parliament had to shut down their e-mail systems to get rid of the threat. Although it continued to spread, May 4, 2000, is the day it hit the U.S..

April 1, 2009
Timed to activate on April Fool’s Day, the Conficker worm drew headlines from across the Internet, as people wondered if it was just a prank or a devious plot to take down the Internet. On the day itself, there weren’t any major catastrophes, but, later on, reports bubbled up of Conficker-related computer problems. It was said to have infected between 9 and 15 million computers.

Sept. 9, 2010
In actual magnitude, this wasn’t an especially dark day for the Internet, but it still got plenty of attention. Over the course of the day, the ‘Here You Have’ email virus spread around the world, hitting the networks of major organizations like Disney, NASA, Comcast, AIG and Proctor & Gamble. The virus was relatively harmless in that it just spammed inboxes (although, in some cases, so forcefully that employees were no longer able to use email), but it led to some apocalyptic humor on Twitter. “The world is coming to an end. The ‘here you have’ email virus just took down times square,” joked one person. NASA’s Lunar Science Institute tweeted, “Houston, we have a problem… it’s called spam.”

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Web startups: How to guard against security breaches
• GigaOM Research highs and lows from CES 2013
• How HR can make the case for workforce analytics

It’s easy to see why. Mitnick was one of the earliest high-profile cybercriminals around, hacking into some rather important systems and eventually spending five years in federal prison. He’s now a best-selling author and a security consultant trying to protect clients that might have been his former targets from newer versions of himself. If you take down Kevin Mitnick, well, you’ve taken down Kevin Mitnick.

Ironically, the situation got so bad that Mitnick — an admitted cloud computing skeptic — in 2009 turned to the cloud to save him. Kind of.

Who doesn’t like free?

Prior to that, he had been using a less-than-stellar web host as a favor to a girlfriend, and his site was breached on numerous occasions. Because he didn’t have administrative access to the server, there was nothing he could do. In 2009, an upstart cloud provider called FireHost came to him and offered to host his site for free to prove it could stop the intrusions.

It’s three years later and Mitnick’s corporate website still runs on FireHost’s cloud. So far, he said, all has been pretty much well. There are distributed denial of service attacks — including one earlier this week — that prove to be little more than nuisances, and about a month ago someone spotted a cross-site scripting vulnerability that was fixed before any damage could be done. But no serious breaches.

Security first, always

Of course, Mitnick isn’t taking any chances to begin with. Even with his previous hosting provider, he said, “I never kept anything of value [on the web server],” and that remains true with FireHost. His site’s only dynamic page is the email contact form (that’s where the vulnerability was spotted), and he only exposes as little of his server as possible, just port 80. When he accesses his virtual servers, he uses a VPN and and then makes changes via SSH.

Mitnick is also an Amazon EC2 user, but there he’s even more cautious — or perhaps just cost-conscious. He hosts hacking demonstrations on EC2, but they’re only live for a short time before, during and after his presentations. In part, this helps save him from attack (although no one really knows where they are or that they’re his), but, he said, it’s also just a lot cheaper to not run them when they’re not in use.

Kevin’s Mitnick’s lock-pick business card

But FireHost is hosting Mitnick for free, and he doesn’t really expose anything of value in the cloud, so there’s no real reason not to stay. What about the million-dollar question, though: Does Mitnick actually think the cloud is secure enough to handle valuable apps or data? The short answer is “no.”

“To be honest with you, if I’m running an enterprise, I’d want my data local and maybe I’d host applications in the cloud,” Mitnick said. He still wouldn’t trust a third party with proprietary data, and he generally doesn’t trust cloud providers unless he’s able to test them and verify they’re secure enough for his purposes. He trusts FireHost enough to let them access his resources on his behalf. As for Amazon, he acknowledged, he hasn’t really done the homework to figure out whether he’d host his site there.

The most-secure cloud you’ve never heard of

For what it’s worth, Mitnick isn’t alone in trusting FireHost. The cloud provider, which touts itself as the most-secure cloud around has lots of big-name paying customers too, including Johnson & Johnson, 3M, Farmers Insurance and Johns Hopkins University. FireHost has attracted them in part because it’s willing to prospective customers put its claims of security, performance and availability to the test.

“The consumption model is not just technology,” Co-founder and CEO Chris Drake told me recently, “it’s the human factor.” FireHost doesn’t have any outbound sales staff, he said, but when companies see they can get first-class security and performance — even test it in a proof-of-concept — while maintaining the ease of management of a service such as Amazon EC2, and “fish are jumping into the boat.”

Aside from technological security measures, FireHost is also in the business of playing a virtual HOA of sorts. Drake said the company won’t host gaming, gambling or pornography sites in part because they tend to attract bad traffic that could affect their virtual neighbors, and in part because they’re morally objectionable. If you want certain flagship clients, Drake said, you sometimes have to sacrifice easy money.

Mitnick’s still got it

Still, Mitnick warns, whoever a company chooses as a cloud provider, it’s ultimately up to the client company to make their applications are secure. Fairly recently, he said, a company offering a cloud-based desktop service wanted Mitnick to speak on its behalf about how secure the service was. He demanded to test it before putting his name behind it.

That turned out to be a costly decision. Within an hour, he was able to access the virtual machine where the virtual desktop was running. Within 8 hours he had given himself administrative control, broke most of the passwords and had pretty much compromised the whole company. Unfortunately, Mitnick said, he charges a lot more for speaking than he does for a few hours of penetration testing.

Feature image courtesy of Flickr user campuspartymexico; business card photo courtesy of Flickr user medea_material.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• How direct-access solutions can speed up cloud adoption
• The role of converged infrastructure in the data center
• Cloud computing 2013: how to navigate without a map

The DMARC standard attempts to authenticate email by requiring both parties to implement DMARC-standard policies at either end. The idea is that an organization such as PayPal “signs” its outgoing email for all messages associated with its domains. Then when a recipient gets such a message in his email account (if his provider is participating in the program) the mail host checks for the authentication and lets the message through. If a message says it is from PayPal but does not have PayPal’s DMARC credentials, it gets refused.

A report of which messages were received and refused are eventually sent back to the email sender. This allows legitimate senders to see if one of their domains isn’t currently credentialed, but it also lets them know how many attempts are being made to spoof their address.

The result is consumers will no longer see spoofed email messages from phishers. However, consumers and employees will still have to keep their eyes open for emails from hackers that might implement DMARC on their own domains, such as emails from paypa1.com. DMARC only stops “bad actors” from appropriating legitimate domains in a sender line, not from trying to send emails from similar domains.

Some readers will be wondering why this is necessary, given that tech-savvy people can usually check to see whom an email is actually from to uncover the spoofing. But this is for everyone else on the web, who may not know exactly how to protect themselves. With this standard, which the working group intends to submit to the IETF, tech companies are trying to plug some of the security holes in the web.

The web wasn’t a planned system but an amalgamation of technologies that has ended up growing into a network connecting billions of people and things. Efforts such as DMARC join others, including the new IPv6 addressing effort or more-efficient routing systems, to improve an existing ecosystem without costing players too much or shutting things down.

The underpinnings of the DMARC standard are two common email security best practices that are already implemented at about half of the domains on the web and in about 80 percent of legit email. As for consumers, most will have protection on their webmail accounts such as Gmail or Hotmail. The biggest hole for the time being will likely be at midsize companies that still run their own email servers and that will have to wait for their email software provider to support the DMARC standard before they can implement it.

The following additional companies are participating in the effort so far, but others can join now that it is launched: AOL, Bank of America, Fidelity Investments, American Greetings, LinkedIn, Agari, Cloudmark, eCert, Return Path and the Trusted Domain Project.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• NewNet 2012: companies and technologies set to disrupt
• Web startups: How to guard against security breaches
• 12 tech leaders’ resolutions for 2012

However, as the infographic below illustrates, it doesn’t matter whose data is targeted in cyberattacks for the companies left trying resolve events: They are going to pay a lot of money for damage control and to ensure that it doesn’t happen again. That makes you wonder who has more to lose from cybercrime, consumers or the companies charged with protecting their data and helping mitigate consumer losses.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Public, private or hybrid? How to move to the cloud
• A near-term outlook for big data
• Quality of the cloud: best practices for ISVs