Re: Is dataloss becoming the next 'computer virus' trend?

[blitz <blitz () strikenet kicks-ass net>]

Perhaps we need to be taking a larger look here as well, it's high 
time the US enact Draconian privacy laws, much like the EU has to 
protect ourselves from the top down. Many of these "unknown" 
companies who have access to our most private information need to be 
shut down, or curtailed severely as well. The remainder need to be 
managed in a "Secret" to "Top Secret" security atmosphere, including 
logs of each and every access and for what reason and accountability 
to the people who's data they hold. I believe much evil would then be 
either curtailed or exposed.
Much like the illegal alien problem here in the US, too many people 
are making too much money from violating the laws, and what should be 
a foregone assumption (privacy) needs to be codified.



> We see few compliance or regulatory sanctions, little in the way of
> public flogging (the VA laptop loss being a notable exception), and an
> ocassional slap on the wrist (e.g., MA Dept of State's whopping $25k
> fine against Ameriprise Financial for losing a laptop with data about
> 230,000 customers and financial advisers).
>
> You're right, these losses are weekly if not daily news items. They're
> so commonplace, however, that I'd propose we're (collectively) becoming
> desensitized: we're tuning out the ongoing "noise".
>
> I think it's clear we need a landmark tracking / longitudinal study of
> these breaches, their affected individuals, and ideally, the
> organizations in question, to assess whether there is a real crisis.
> There may not be, as much as we think there is or might be.
>
> --
> Sean Steele, CISSP
> infoLock Technologies
> 703.310.6478  direct
> 202.270.8672  mobile
> ssteele () infolocktech com
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 143 million compromised records in 512 incidents over 6 years.