And as leisure time and work comingle more than ever, home computer failure can cause important data to be lost on failing or aged hard drives. The good news in personal computing is that, just as for businesses, highly dependable consumer level encrypted data backup is inexpensive and easy through cloud providers like Mozy or Carbonite. Anyone who has experienced the loss of work while working at home at a critical moment isn’t likely to repeat the mistake.
One difference is that home users of work data are wise to take the additional step to back up their entire hard drive on an external drive at home, and not for just more redundancy. Providers like Carbonite will back up documents and pictures automatically, but cannot restore applications and other copyrighted software on a computer without an additional license. If a computer’s drive can be reformatted, it can be restored completely with such backup, remembering that a local external drive will create yet another copy of all your proprietary data that will not be encrypted.
Individuals and businesses of all size and complexity are now more likely to face global threats of hacking, data and intellectual property theft from criminal, commercial and even state-sponsored attacks.
Long time risk analyst Robert Charette of ITABHI Solutions says that the threat of criminal or hostile state activity could be used as a competitive lever by groups that don't answer to legal codes of the countries they operate in.
Charette even coined a term for the tactic, calling it "riskfare."
"China can manipulate the U.S. by changing risks because all they have to do is not buy our treasury bonds," he said. "Cyber warfare, because we're integrated by technology, can allow tremendous threats through relatively small things."
The thesis is that the manipulation of risk is going to be much more powerful in the future and that it's going to be deliberate. Businesses have responded in part by installing chief risk officers as much as a way of evaluate investments in technology as they are used to monitor threats.
Musegh Hakinian is the security architect at Intralinks, a B2B provider of secure workspaces for companies in M&A or collaborating on research or products in highly-regulated industries.
"You want to remember that while the nature of applications used by consumers has changed for business and government, the threat is also changing," Hakinian says. For example, a G-mail attack this summer targeting White House officials calls for a different discussion than a natural disaster or fighting off mischievous hackers trying to build a reputation.
As industries collaborate on security threats, customers should ask whether they can extend their own security standards to cloud providers and others. The bigger question is budgeting for risk across a range of adversaries and internal measures that aren't likely to earn or retain funding over a period of time when nothing terrible, much less bad, has happened.
And it's unlikely to be controlled or addressed on the mixed technology environment of the offsite or mobile worker. "There is no consumer culture that rewards the good players," Hakinian said. "It's very difficult for consumers to gauge which providers are doing great work on the security front and if you are spending more on security, it doesn't guarantee any specific return."
Different observers have pegged the greatest failing of 9/11 on either a lack of intelligence, or a failure to heed visible warnings. What's clear is that the uncertainty will bring risk management closer to to the forefront of managing disasters or attacks as well as assets and investments in the business, information and technology environments.
The lessons we've learned turn out not to have justified plastic sheeting and duct tape, but there is still plenty of evidence that the best planning starts at home.