Study Says Data Breaches On The Rise

from the if-it-hasn't-happened-to-you,-it-will dept

It’s hardly surprising to hear that a new study claims that data breaches are on the rise, with the number of incidents picking up steam in 2008. Sadly, news of “the biggest ever data leak” seems to have become a regular occurrence, and is seen just as part of the normal course of business these days. Part of the problem is that the penalties companies pay for the leaks don’t ever amount to much, what with toothless punishment from regulatory bodies and relatively small fines. Most companies just offer some free credit-report monitoring to those affected, maybe have a “special” sale, and move on. While other studies say the cost of breaches is rising, it’s still low enough that, apparently, it’s an acceptable cost of business, and makes the cost of better prevention unappealing. Still, this isn’t wholly a technical problem: human error remains an enormous threat, with “insider negligence” blamed in one study for 88 percent of data breaches.

Filed Under:

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Study Says Data Breaches On The Rise”

Subscribe: RSS Leave a comment
5 Comments
TW Burger (profile) says:

Attitude is Everything

I write security software for a large retailer and everything here is built for as much security as is practically possible.

However, I can attest that the biggest threat to data security is not a not so thoroughly parsed parameter or a port in a fire wall that is left open, it is, as stated, insider negligence. Plain corruption may account for some problems but the bulk of the issues are crappy passwords (ironically my experience is that the more access a user has due to seniority and position the worse the password choice), leaving computers unattended, not wiping discarded hard drives, and not shredding papers that contain sensitive data.

Rich Kulawiec says:

Imprisonment and confiscation for Cxx-level officers

The fix for this is precisely the same as that for other abuses which are either perpetuated or tolerated by Cxx-level officers of other companies (e.g., financial fraud): imprisonment and confiscation of all personal assets. I’m sure we could release any number of casualties of well-known failure called “The War on Drugs” in order to make room for them, and their own assets should be spent on paying for their confinement. Perhaps the prospect of sharing a cellblock with the executives of Citibank and TJ Maxx — as well as some hardened criminals, let’s make sure they’re mixed in — would cause these selfish, arrogant, worthless jerks to think about the consequences of their own greed before indulging it.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »