Ten Questions With… John Sileo (Part 2)
added: 11.12.2013, by Mike Spinney
John Sileo is a kindred spirit when it comes to fighting the good fight against data breach and identity theft. I met John about seven years ago when we were both part of a joint project to raise awareness over the issue of physical document protection and we’ve been friends ever since. I admire what John does to help make people more aware of their personal risk and take steps to prevent identify theft. A two-time victim of identify theft, John has refused to wallow in his victimization and instead has become a privacy expert in his own right and taken his powerful, personal message to audiences around the world raising identity theft prevention awareness as one of the issues premiere speakers.
In addition to keynote speaking and his video series, Burning Questions, John is a frequent media source for stories about privacy and identity theft. He was in my area last month for to give a series of keynote presentations for the University of Massachusetts’ privacy awareness program so I took the opportunity to meet with John and ask him ten questions about his work and the issue of data privacy and information protection. This is the second part of that conversation. Click here for Part One.
HoGo: What, if anything, has surprised you as you travel and meet people to address personal privacy and ID theft?
Sileo: The number of people who have already been affected by privacy and data exposure continues to surprise me. Everyone has a story, either about themselves or a loved one, that has deeply impacted their life. I am also constantly surprised at how little businesses and organizations do to educate their team on protecting the private data that gives them a competitive advantage. The average business seems to miss the obvious fact that preventing data loss is a fraction of the cost of recovering from it. If corporations would recognize that investing in data loss prevention is much the same as saving 6-10% annually on their bottom line, I think they would take this issue more seriously.
HoGo: In your presentation you have what you describe as a SPYderweb that details all the ways that people may be vulnerable to data collection or cybercriminals. What is the simplest way to escape from that web without completely disconnecting?
Sileo: The simplest way is to become the SPYder that knows how to operate safely and effectively within that web. You need to be able to take responsibility for the identity at the center of the web, and the human, physical, technological and online factors that threaten the integrity of that identity. You will never escape the web (unless you disconnect from society and technology completely, which sounds attractive but is nearly impossible), so you must make the web your friend.
HoGo: What are some of your favorite tools and techniques for keeping your personal and business information safe and are these largely the same or are there different needs for each? And what, in your opinion, is the best thing a person can do to protect their personal information?
Sileo: My favorite techniques are ways to detect social engineering, when others use deceptive tactics to steal your data. These include defensive techniques I use in my keynote presentations like Hogwash, Burning Questions, SpyKwonDo and the like. I have found that training on human habits and behavior is far more effective than creating long checklists that go out of date upon completion. The best thing a person can do to protect their personal information is to create a teflon Spyder Web, or a layering of security techniques like I talk about in my book, Privacy Means Profit.
HoGo: I recently wrote about the Nirvana Fallacy in response to an experience I had with someone who claimed that education and awareness was an ineffective way to reduce risk to data. What would your response be to someone who expressed such doubt to you?
Sileo: Fantastic! From a selfish perspective, I am paid very handsomely to help people and organizations with that attitude right the ship after they have steered it into a clearly visible iceberg. Please give these people my website, as they will need me sooner than they think!
HoGo: What have we not discussed (or what bears repeating) that you’d most like to tell folks about the risks and costs of data protection and identity theft?
Sileo: If you haven't taken responsibility for your own private information, how can you expect your kids, your employees, your members to have done any better. Start with your own security and work out from there. You'll sleep better and will be coming from a position of integrity when you tell others to do the same.
DISCLAIMER: This post does not constitute an endorsement of HoGo by John Sileo. Nor does it constitute an endorsement of John Sileo by HoGo. It is merely a conversation between two entities concerned with advancing awareness over issues of data privacy, information security, and the protection of intellectual property.