BreachExchange mailing list archives
Re: Is dataloss becoming the next 'computer virus' trend?
From: blitz <blitz () strikenet kicks-ass net>
Date: Mon, 18 Dec 2006 13:57:13 -0500
Perhaps we need to be taking a larger look here as well, it's high time the US enact Draconian privacy laws, much like the EU has to protect ourselves from the top down. Many of these "unknown" companies who have access to our most private information need to be shut down, or curtailed severely as well. The remainder need to be managed in a "Secret" to "Top Secret" security atmosphere, including logs of each and every access and for what reason and accountability to the people who's data they hold. I believe much evil would then be either curtailed or exposed. Much like the illegal alien problem here in the US, too many people are making too much money from violating the laws, and what should be a foregone assumption (privacy) needs to be codified.
We see few compliance or regulatory sanctions, little in the way of public flogging (the VA laptop loss being a notable exception), and an ocassional slap on the wrist (e.g., MA Dept of State's whopping $25k fine against Ameriprise Financial for losing a laptop with data about 230,000 customers and financial advisers). You're right, these losses are weekly if not daily news items. They're so commonplace, however, that I'd propose we're (collectively) becoming desensitized: we're tuning out the ongoing "noise". I think it's clear we need a landmark tracking / longitudinal study of these breaches, their affected individuals, and ideally, the organizations in question, to assess whether there is a real crisis. There may not be, as much as we think there is or might be. -- Sean Steele, CISSP infoLock Technologies 703.310.6478 direct 202.270.8672 mobile ssteele () infolocktech com
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 143 million compromised records in 512 incidents over 6 years.
Current thread:
- Is dataloss becoming the next 'computer virus' trend? Richard Forno (Dec 17)
- Re: Is dataloss becoming the next 'computer virus' trend? security curmudgeon (Dec 17)
- Re: Is dataloss becoming the next 'computer virus' trend? blitz (Dec 17)
- <Possible follow-ups>
- Re: Is dataloss becoming the next 'computer virus' trend? Sean Steele (Dec 18)
- Re: Is dataloss becoming the next 'computer virus' trend? Brannigan, Chris J - Washington, DC (Dec 18)
- Re: Is dataloss becoming the next 'computer virus' trend? Chris Walsh (Dec 18)
- Re: Is dataloss becoming the next 'computer virus' trend? Brannigan, Chris J - Washington, DC (Dec 18)
- Re: Is dataloss becoming the next 'computer virus' trend? blitz (Dec 18)
- Re: Is dataloss becoming the next 'computer virus' trend? security curmudgeon (Dec 17)