When Todd Davis helped found LifeLock in 2005, ID fraud was a niche consumer issue. Today it's a major enterprise risk. What are today's top fraud threats, and where are some of the surprising security gaps?
That sophisticated, organized fraud rings target individuals and enterprises is no surprise. The recent mega-breaches - Home Depot, JPMorgan Chase, Anthem - show that the criminals have their sights set on high-profile, high-yield data targets.
But what often goes unacknowledged, Davis says, is how well we all showcase ourselves as prospective breach targets. Our own behavior puts us at significant risk.
"Everything we do - social networks, our smartphones and the way we transact and store information, the growth of ecommerce on your mobile device - each one of those contributes to a higher probability that those criminals who are targeting their efforts can get that information and use it for malicious means."
In this exclusive interview - part of ISMG's Executive Sessions series of discussions with today's top security leaders - Davis discusses the top threats to identity and where enterprises and individuals are least prepared to defend themselves. He also talks about LifeLock's growth from startup to publicly traded company and how the firm is stepping up to help enterprises improve their defenses.
One of the biggest hurdles to overcome in the enterprise space: Convincing small and midsized organizations that they, too, are fraud targets.
"They're thinking to themselves 'Why would [the fraudsters] want my employee or customer data?'" Davis says. "They're not aware that there are whole black-market eBays online, where once someone gets especially a volume of information - a spreadsheet of employee data or PII of your customers - they go online and auction it.
"We see chatrooms where the criminals sell [records] in lots of 100, 500, 1,000, 5,000, 10,000 identities at a time," he says. "It's not just about trying to get inside the firewall to get information on the company. That information about your employees and customers can be valuable."
In an interview about identity theft and fraud prevention, Davis discusses:
- How identity fraud has evolved over the past decade;
- Today's biggest risks, including tax fraud and card-not-present fraud;
- How enterprises can improve identity defenses and reduce losses.
As LifeLock's chief executive officer, Davis is responsible for the company's strategic direction. A pioneer in recognizing identity fraud as a serious consumer issue, he helped found LifeLock in 2005 and has led the company from a startup to a publicly traded company with revenue of $476 million in 2014.
Under his leadership, LifeLock grew to 3.63 million members at the close of 2014. It has more than 650 employees in five locations, which include its Tempe, Ariz., headquarters and four California offices. Davis began his professional career at Dell Computer. Prior to leading LifeLock, he served as a managing partner of a marketing organization and was an executive in multiple technology startup companies.