Data Security Is Worsening: 2017 Was the Worst Year Yet
Daniel Solove
Professor, GW Law School + CEO, TeachPrivacy + Organizer, Privacy+Security Forum
Every year, we hear about how climate change is worsening. It seems the same story is happening with data security. Last year was the worst year in recorded data breach history. More than 5,200 breaches were reported in 2017, with more than 7.8 billion records compromised. By comparison, there are 7.6 billion people on Earth, so 2017 saw the number of records compromised surpass the total world population. Previously, 2016 was the record-holder with 6.3 billion records compromised. Are there any records left that haven't been compromised?
Major breaches and security incidents included the enormous Equifax breach of 145 million records, the Uber breach, and the NSA leaked tools, which spawned WannaCry and other niceties. Click here for a collection of summaries of some of the more notable breaches of 2017.
Note that all this involves the known and reported data breaches. For every known reported data breach, there are probably many known unreported data breaches. Then there are the unknown unreported data breaches, which are probably a staggering number.
What lessons can be learned from all this? There is one big important lesson that 2017 has taught us, and it is this: We know what causes data breaches, but we are not making progress in stopping them. What we're doing isn't working. This should be a wake-up call. We can't keep doing what we're doing. Policymakers need to try a new approach. But instead, we are just getting more doses of data breach notification laws, and shortening notification time periods. These laws help inform us about the problem, but they won't fix it. Despite countless breach catastrophe stories in the news, we're not seeing a huge change in what organizations are doing to protect themselves.
But, hey, we're not waking up to climate change either. Maybe all the computers will be underwater soon. As we float along, desperately clinging to driftwood, we will finally be able to smile. The data security problem will have been resolved.
Daniel J. Solove is the John Marshall Harlan Research Professor of Law at George Washington University Law School and the founder ofTeachPrivacy, a privacy awareness and security training company. He is the author of 10 books and more than 50 articles.
Professor Solove's Privacy + Security Training
ATM it's a free-for all, and seemingly the perpetrators have been harvesting data as if it was a given right, and certainly an abuse of trust. We believe public opinion will no doubt force change. Of course all of this will not happen without adequate legislation in place, and with the ability to enforce such violations if such breaches continue.
DOMAIN EXPERT??Artificial Intelligence?? Android??Blockchain??CyberSecurity??DataScience ??Encryption MilitaryGrade??CTO SpaceGraph?.app ?? IT inventor??Visionary:52 yrs ahead of time??Mathematician??Author 75????Speaker
6 年17 big cases in 2017 alone!!
Believe in multidisciplinarity
6 年Very true Daniel, although there is no surprise there: governments and policy makers have always been known to cover their "parts". But then again, they can't actually solve the problem, they are bureaucrats. What is more worrying is that the expert circles sound more and more like bureaucrats, and instead of working on real solutions, they cover their parts too by fueling the hype and trying to explain that what we see is normal. I understand the reason I just don't agree with it: potential solutions might harm profits in the short term, but then if we go down this rabbit hole, we might be trading the bigger profits of today's for no profits tomorrow. Like global warming, as you very well put it. Here is the long version of my opinion (https://www.dhirubhai.net/pulse/cyber-food-chain-who-eats-cyberspace-stefan-h-farr/)
We have developed a unique proprietary solution over the past 2 years, which will solve the issue of being compromised in such a fashion, and circumvents many of the challenges raised in this article. It has been thoroughly tested in the most hostile of environments, providing full privacy & protection. If any one is seriously interested in obtaining more detail, should contact us by PM.
Managing Partner-SM Consulting -Cyber Sec & Data Privacy Advisory
6 年Absolutely Right Diganta!! One reason for this sorry state of affairs is our lack of knowledge on what the loss of data will mean for us and our customers. The complexity of implementing the available Solutions is also NOT helping the cause !!!