Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Dataloss] Is dataloss becoming the next 'computer virus' trend?
From: blitz (blitzstrikenet.kicks-ass.net)
Date: Mon Dec 18 2006 - 12:57:13 CST
Perhaps we need to be taking a larger look here as well, it's high
time the US enact Draconian privacy laws, much like the EU has to
protect ourselves from the top down. Many of these "unknown"
companies who have access to our most private information need to be
shut down, or curtailed severely as well. The remainder need to be
managed in a "Secret" to "Top Secret" security atmosphere, including
logs of each and every access and for what reason and accountability
to the people who's data they hold. I believe much evil would then be
either curtailed or exposed.
Much like the illegal alien problem here in the US, too many people
are making too much money from violating the laws, and what should be
a foregone assumption (privacy) needs to be codified.
>We see few compliance or regulatory sanctions, little in the way of
>public flogging (the VA laptop loss being a notable exception), and an
>ocassional slap on the wrist (e.g., MA Dept of State's whopping $25k
>fine against Ameriprise Financial for losing a laptop with data about
>230,000 customers and financial advisers).
>You're right, these losses are weekly if not daily news items. They're
>so commonplace, however, that I'd propose we're (collectively) becoming
>desensitized: we're tuning out the ongoing "noise".
>I think it's clear we need a landmark tracking / longitudinal study of
>these breaches, their affected individuals, and ideally, the
>organizations in question, to assess whether there is a real crisis.
>There may not be, as much as we think there is or might be.
>Sean Steele, CISSP
Dataloss Mailing List (datalossattrition.org)
Tracking more than 143 million compromised records in 512 incidents over 6 years.