Are we becoming desensitized to data breaches?
Maybe it's just me, but are all of the mass media reports of data compromises causing us to become desensitized to the dangers of poor security practices or are they helping? This question lately became significantly more valid to me personally.
First, the breach of Heartland late last year was instrumental in allowing budget money to be released for security projects. Should I be grateful that Heartland had a potentially larger breach than possibly TJX? Timing is everything when working on a security project and the release of that breach notification helped mature in the InfoSec process for many organizations.
Second, having spent the better part of last year diligently working on writing ISO standard policies and the resulting agonizing process of IT governance development, I have found these breach notifications to be extremely helpful to my cause. As part of the ISO 27001 ISMS (Information System Management System) policy development, I included a listing of US state breach notification law. (This also helps with remembering to update the policy quarterly.) Any organizations who deal with credit card information from diverse geographic locations are required to understand the breach notification requirements of their customers locations, including internationally.
Last month, I received a well-worded letter from Wyndam Hotels informing me that my personal information had been compromised by a "very sophisticated hacker". Well, that very carefully chosen wording did get a chuckle from me, but then reality hit me. I am officially a victim of the war we fight every day. I'm not privy to the details of the hack, (although I tried) but it did feel entirely different being a victim. As a result, I spent quite a few hours protecting my personal data. Thank goodness they notified me and offered the free credit reporting services before my information was actually stolen. According to the law, they had no choice but to let me know.
Mari Nichols iMarSolutions
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago