Thursday, November 30, 2006

A Chart of Personal Data Security Breaches 2005-2006

Following my previous post on "Personal Data Security Breaches - 2000/2005", you may also find this "Chart of Security Breaches for 2005 - 2006" worth taking a look at -- lost or stolen equipment with data dominate the threatscape.

With the eye-popping big bubbles, and hundreds of thousands of people exposed due to the centralized and insecure nature of storing and processing their information, ask yourself why would an attacker ever bother to initiate a network level attack against a data aggregator nowadays? Consider the other perspective when it comes to data security breaches, namely "To report, or not to report?" a breach, and how is an organization supposed to report when they're not ever aware that personal information has already been exposed.
Take your time to go through a very good resource keeping track of all reported data security breaches and notice the most common patterns for yourself.

A Movie About Trusted Computing

Great opinionated introduction to the topic. Trusted computing isn't the panacea of total security simply because there can never be 100% secure OS or a device, unless of course you put so much security layers in place to end up with zero usability, so what's it gonna be? Insecurities are a commodity, but security and usability issues are always a matter of viewpoint, so don't act as if you can provide 100% security, because what you're actually offering is a marginal thinking while proposing a solution.