Bevan Lane is director at Infosec Consulting.

The worrying thing about hactivism is that it’s increasingly widespread, and hacktivist groups appear to have succeeded in accessing all their targets. The majority of high-profile hacks committed in recent months appear to have been committed by groups who feel they are taking the moral high ground. The 2012 Verizon Data Breach Investigation report showed that in 2011, for the first time, breaches caused by hacktivists exceeded the breaches caused by criminals.

These hacks extend far beyond the defacing of a Web site. Hacktivists frequently take information from the target and make it public to prove a point. Can we trust hacktivists with our personal information? And what happens to the information they have hacked from these organisations?

Few local companies have been the targets of hacktivist attacks yet, but this is likely to change. Globally, major government organisations, corporates and financial institutions have already been targets in a number of high-profile attacks. As these groups succeed in their attacks, more will become interested and start splinter groups across the globe.

Hacktivist groups may number hundreds of individuals working together around the world, and have scores of sympathisers. Because they usually succeed in breaching their targets’ security, more needs to be done to guard against such attacks, and mitigate damage.

Organisations must have plans in place. There’s a need for security professionals, corporates and IT to come together to prepare contingency plans, conduct risk assessments and make action plans to mitigate damage and respond to situations involving possible attacks from hacktivists. The way to approach this is to adopt a data-centric approach to information security controls, where critical data such as personal client information is identified and secured, monitored and managed across its life cycle. This includes all areas from its initial processing, storage, transmission, back-up and disposal of this data. Are you confident that you have a control over all these areas?