The Public Perception of Security Issues

  • Comments posted to this topic are about the item The Public Perception of Security Issues

  • Our DR plan required that three copies be printed: one for the office, one for the home, and one for your vehicle.

  • As it should

  • Much of public perception comes from press coverage.  The press tend to sensationalise stuff in order to sell their content.

    Other perceptions come from 3rd party conversations.  I can't recall anyone having a security conversation with "Boy, nothing happened today"! It's usually "Jesus, the number of 90 day unpatched instances is shocking", "Took a look at security group x, every man and his dog is in it".

    Although these pub rants contain elements of truth, these are conversations out of context and not quantifiable. As with so many things, a rumour goes twice around the world before the truth can get its boots on.

    There is a very definite skill in handling the communication of security breaches.  That also has to include the way companies react when notified of a breach.  Some of them are dismissive, rude and in complete denial.  Those companies are asking to be reported to the ICO (UK Information Commissioner's Office).

     

  • Steve, your point about keeping a copy of the incident response letter offline reminded me of something I read a while back. It's a lot easier to apologize for a temporary outage while services are being restored than it would be to inform users or customers that you have no clue how long (if ever) it will take to get the services back online. It happens - even to large companies and governments.

    https://www.zdnet.com/article/ransomware-victims-thought-their-backups-were-safe-they-were-wrong/

    ".. In a separate advisory on offline backups, NCSC notes that it has seen numerous incidents where ransomware has not only encrypted the original data on-disk, "but also the connected USB and network storage drives holding data backups. Incidents involving ransomware have also compromised connected cloud storage locations containing backups." .."

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • It is, for sure. This is one reason I think all the de-dup, online, connected backups are an issue. We need air gaps.
