• Marriott hack hits 500 million guests
    9 replies, posted
https://www.bbc.com/news/technology-46401890?ns_campaign=bbcnews&ns_mchannel=social&ocid=socialflow_facebook&ns_source=facebook
I swear this shit comes out for a different company on a monthly basis. Can we address cyber security finally? We just keep progressing so fast technologically, that we can't keep up with the security side of it.
We do keep up with security technology for several software technologies, they are either not used or wrongly configured.
Needs to change. One Second After is a good book to read that can make you think about that stuff a little. Fiction, but it's what made me wonder and be concerned about the security side.
It will once it becomes either profitable to do so (because security costs money) and/or regulations come out to enforce it, with reasonable financial penalties. I do not see it as a problem that will "resolve itself". And not all security issues are IT related. Imagine how little the general public cares about infosec, now apply it to them being an employee at a large corporation. The number of times I have to decline requests from users for something, because it violates regulations that we adhere to, is ridiculous. You can't even get employees to not write their passwords on a piece of paper that sits on their desk.
These data breaches aren't always because of technology moving too fast Quite often with large businesses its because they don't think they need a large security budget, and that area is the first to get budget cuts as it is. In short - companies tend to not do due diligence.
About what I expect from a shitty company that won't stop fucking robocalling my cell phone
Why don't they just delete the data after a few weeks/months after the costumer has left?
Can't sell it to companies centered around business analytics if you do that.
The more this happens, the less incentive there is for these companies to secure customer data because it becomes normalized for companies to leak everything. Basically the only solution is big fines and regulation for this kind of thing, you should need to pay every customer a large sum if you leak their data due to negligence, under budget security, etc.
Sorry, you need to Log In to post a reply to this thread.