Editor’s note: This blog is the first of PRIVATE WiFi’s #CyberSAFE Leaders Series. Every Friday during National Internet Safety Month this June we will publish a feature story highlighting the work of a leader in the world of cyber safety. This week we profile Mark Goldstein, a veteran innovator in online security, who currently serves as a strategic advisor to the Online Trust Alliance.
Fifteen years ago, Mark Goldstein and his family were victims of medical identity theft. It was 1999 and not much was known about the repercussions of such fraud and the rise of cybercrime. As Goldstein describes it, the landscape for criminals was evolving.
The Changing Face of Crime
No longer did a thief have to be standing next to you to steal your wallet; instead, a savvy crook could steal your personal information virtually, via a cyber attack. And the way the crooks were stealing wasn’t the only thing changing: what they were after was different, too, as data points (i.e., Social Security number, birthdate, address) could be more valuable than plain old paper money. For example, on public WiFi a hacker could easily steal your personal data. Goldstein states, “Unless you would like your Internet communication to potentially end up on the front page of The Washington Post, use a virtual private network (VPN).”
With no assistance in regards to solving his problems with medical identity theft, Goldstein did research to learn more about prevention, but discovered that there wasn’t much available. Having spent most of his career up until that point in IT, Goldstein explains his changing interest into the world of online security. “It sort of dawned on me that data collection was the future and we need to be prepared for how to be protected from this. It was all fascinating to me,” he says.
But from where we were in 1999 to the current state of cybersecurity are two very different playing fields. Goldstein explains, “In the… years I have been working in cybersecurity and privacy, the issues have gone from a minor nuisance to affecting national security and major hits to the bottom line.”
Staying Ahead of the Bad Guys
Through all of this, Goldstein asserts that innovating is a major theme to staying ahead of the bad guys.
For example, during his tenure at America Online he spearheaded a taskforce whose role was to discover innovative ways to mitigate risk. According to Goldstein, a crisis in the mid-2000s was costing AOL to lose a number of subscribers. On the surface, it appeared that AOL’s client was having problems and loading very slowly for a vast number of customers. But with a team in the field, visiting the homes of AOL subscribers in Florida, Goldstein uncovered it wasn’t an AOL issue, but instead the users had viruses and malware on their machines.
After personally removing the bugs off of more than 20 computers, Goldstein created a plan for AOL he called the “Malware Manifesto,” which lead the company to educate consumers and take cybersecurity and safety more seriously. The program included data-protection policies, compliance, data security, incident response, customer-data inventory, privacy training, and awareness.
Goldstein explains, “The effort paid off; the next year when AOL was named one of the top most-trusted companies, safety and security became the DNA at AOL.”
A Trusted Mentor
Although he is no longer at AOL, Goldstein continues to weave the threads of security and online safety in all of his work. As a consultant at SafeSecurePrivate, Goldstein specializes in identifying and preventing cyber and privacy issues before hackers and regulators have a chance to. In his work here he places emphasis on the fact that “not all consumers are created equal… at least in the eyes of hackers and identity thieves.”
He explains cybercrooks are now focusing on “candy stores” or the targets that provide the “biggest payoff with the lowest risk,” he says.
In addition to his consulting, Goldstein serves as a strategic advisor at the Online Trust Alliance (OTA), a global coalition that represents more than 100 companies with the mission of enhancing online trust while developing best practices for “privacy, identity, and security threats to the Internet ecosystem.” Next week the OTA will publish their 2014 Honor Roll, an independent audit including an analysis of over 850 websites that evaluates a site’s brand protection, site security, and privacy practices. According to Craig Spiezle, the president of the OTA, Goldstein was a “great contributor” to the project.
Cultivating the future of #cyberSAFE leaders is also a point of emphasis for Goldstein. He explains, “Innovation is even more important today which is why I’m thrilled to have been selected to be a “Stars Mentor” for MACH37, a DC-area cybersecurity incubator.” The program provides mentoring and support with “a network of visionaries, practitioners, and successful entrepreneurs.” It is designed to facilitate the creation of the next generation of cybersecurity product companies. Other mentors to the program are government representatives on the federal, state, and local levels. Some come from the financial services, insurance, energy, and critical infrastructure industries.
As the world of cybersecurity evolves, Goldstein knows that the experts must keep innovating with one major goal: “I want to make sure people are thinking about protecting their data.”