I just received a press release from Beth Givens at the Privacy Rights Clearinghouse stating “500 Million Sensitive Records Breached Since 2005”. 500 million+ known records that have been compromised in 5.5 years in the U.S. alone due to people in organizations large and small making poor choices about information security and privacy! Simply amazing.
If you haven’t seen the Chronology of Data Breaches, check it out. It’s fascinating. The problem of people putting forth little to no effort to keep information secure affects every single one of us. Scroll through the breach list and you’ll likely see a business or organization you’ve dealt with in some fashion or another.
What’s it going to take? Security standards have been developed. Security and privacy laws have been passed. The word’s getting out. Yet, still, the carelessness and ignorance continues. Seriously, what’s it going to take? I know it’s easy for me to ask these questions being on the other side of the table. I don’t envy anyone who’s responsible for managing information security. Arguably it’s one of the most difficult things to do in business today. Perhaps we need to re-think how we’re doing things. Personally, I’m starting to like my colleague Pete Lindstrom’s modest proposal to publish SSNs and be done with it. In our complex world with no real way to get our arms around this best once and for all, perhaps there is no good answer.
Beth Givens and company: Keep up the good work pulling all of this information together and keeping us informed.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”