Kevin Beaver's Security Blog

500 million and counting…

I just received a press release from Beth Givens at the Privacy Rights Clearinghouse stating “500 Million Sensitive Records Breached Since 2005”. 500 million+ known records that have been compromised in 5.5 years in the U.S. alone due to people in organizations large and small making poor choices about information security and privacy! Simply amazing.

If you haven’t seen the Chronology of Data Breaches, check it out. It’s fascinating. The problem of people putting forth little to no effort to keep information secure affects every single one of us. Scroll through the breach list and you’ll likely see a business or organization you’ve dealt with in some fashion or another.

What’s it going to take? Security standards have been developed. Security and privacy laws have been passed. The word’s getting out. Yet, still, the carelessness and ignorance continues. Seriously, what’s it going to take? I know it’s easy for me to ask these questions being on the other side of the table. I don’t envy anyone who’s responsible for managing information security. Arguably it’s one of the most difficult things to do in business today. Perhaps we need to re-think how we’re doing things. Personally, I’m starting to like my colleague Pete Lindstrom’s modest proposal to publish SSNs and be done with it. In our complex world with no real way to get our arms around this best once and for all, perhaps there is no good answer.

Beth Givens and company: Keep up the good work pulling all of this information together and keeping us informed.