As the saying goes, the more things change they more they stay the same. It suits what’s happening with security just perfectly. It’s common knowledge that computer security is a problem that affects every business and every individual in some way. Security best practices are available. The rules have been laid down. Why are breaches still occurring?
I think to myself, on the surface there’s:
Blah, blah, blah…We’ve been talking about this stuff for years! The deal is – security’s a choice. Just like everything else we do in business and life, we’re either contributing or we’re taking away. There is no in between. You either support information security for the betterment of the business or you don’t. When management chooses not to give security the real attention it needs…it chooses the consequences. In particular, when managers ignore security assessment report findings, training requests, and policy enforcement needs, and instead, bury their heads by choosing to believe that security doesn’t affect the business – or technology is the answer (ha!) – then they’re masking the real problems.
How many more entries are going to be made into the Privacy Rights Clearinghouse Chronology of Data Breaches? Just look at it. Today it’s at 166 million+ compromised records and growing by the day. And, it’s chock full of stupid security oversights – things that could’ve been prevented. How many more security breaches will occur that go unnoticed or unreported? Well, I guess we won’t know – but you get my drift.
Wake up business managers and executives! Your business is bleeding and only you can stop it.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”