Is it just me or has 2023 been the year of the data breach? Maybe they are just larger or more widely reported. Just seems like there have been a fuck-ton of them this past year.
I don’t think the problem is “we” securing things (we being cybersecurity professionals). I think the problem is companies seeing that it’s cheaper to take the PR hit, pay the ransom, pay for cybersecurity insurance, etc than it is to pay for a properly secured network.
Cybersecurity is hard (citation needed) and costs a lot of money (citation needed). If a company figures it’s cheaper to have a breach and deal with the fallout than it is to properly secure shit I can promise you what will happen.
Profit > Security. These companies don’t care so long as the consequences don’t affect profit significantly enough. Infosec is always an afterthought, if considered at all.
Stupidest thing I’ve ever heard, you’ve clearly never worked for a company that’s dealt with a customer info data breach. It costs them massive amounts of money to clean them up, pay for identity protection (never take that) and the PR alone costs them more in the end.
Is it just me or has 2023 been the year of the data breach? Maybe they are just larger or more widely reported. Just seems like there have been a fuck-ton of them this past year.
I bet 2024 will have more. More stuff is online and we don’t seem to be getting any better at securing it.
I don’t think the problem is “we” securing things (we being cybersecurity professionals). I think the problem is companies seeing that it’s cheaper to take the PR hit, pay the ransom, pay for cybersecurity insurance, etc than it is to pay for a properly secured network.
Cybersecurity is hard (citation needed) and costs a lot of money (citation needed). If a company figures it’s cheaper to have a breach and deal with the fallout than it is to properly secure shit I can promise you what will happen.
As always, follow the $$$.
Profit > Security. These companies don’t care so long as the consequences don’t affect profit significantly enough. Infosec is always an afterthought, if considered at all.
Stupidest thing I’ve ever heard, you’ve clearly never worked for a company that’s dealt with a customer info data breach. It costs them massive amounts of money to clean them up, pay for identity protection (never take that) and the PR alone costs them more in the end.