Answering the age old security conundrum – who is at fault for a breach?
Despite an increased focus and attention on securing networks, it seems that cyber breaches are only increasingly in frequency and scope. In fact, we’ve seen multiple very high profile breaches occur just this year – including breaches impacting government agencies, such as the Office of Personnel Management (OPM), major retailers, including Starbucks, and even online services, such as Ashley Madison.
These aren’t victimless incidents. The personally identifiable information (PII) of many Americans has been stolen and is potentially being utilized for any number of online misdeeds. And – in the case of Ashley Madison – dirty little secrets were exposed that have discredited public figures and even led married men to take their own lives out of shame and embarrassment about their infidelity.
In instances of breach, there is often a lot of finger pointing. Those that had their information stolen point their fingers at the companies that were breached, claiming that they needed stronger security on their networks. The companies sometimes point right back, claiming that better cyber hygiene on behalf of the customers could have helped mitigate the chance of a breach.
So, who is really at fault? We recently sat down with John Lloyd, the Chief Marketing and Sales Officer at Authomate, to hear what he thinks.
During our podcast discussion, John detailed instances in which he felt companies were at fault, instances when he felt it was user error and why he feels that all companies should be taking steps to embrace technology that can better protect their customers – regardless of what’s in their user agreements.
Here is what John had to say:
To learn more about the security challenges impacting CISOs today, register for our upcoming Webinar, “Ending the Game of Enterprise Security Whac-A-Mole,” featuring the CISO of Mattel, Jill Knesek, by clicking HERE.