bobcat
Well-known Member
- Location
- Northern Calif
Hearing of data breeches on a regular basis is very unsettling to us all, just knowing that your information is out there and was supposed to be secure. Then after the breech is discovered, you hear of the company establishing tighter protocols and enhancing security systems to prevent it in the future. Even the FTC has recognized that there is no such thing as perfect security, and that security is a continuing process of detecting risks and adjusting one’s security program and defenses.
All technology comes with an "access versus authorization mechanism" trade-off. As technology evolves, that tension evolves along with it. It's like putting a "burglar proof" padlock on your front door, and just waiting for a smarter burglar to come along. It's mainly just a social contract that says: "This is mine, please stay out".
Cybersecurity failures involving what should be sacrosanct health information have become so frequent and common that we are becoming collectively desensitized to them. There are 853 hacking investigations listed on the Health and Human Services Breach Portal website alone that have happened in the last 24 months (I checked) (U.S. Department of Health & Human Services - Office for Civil Rights).
All the AI and quantum cryptography we can dream of cannot solve cybersecurity. There is no "set it and forget it" option. Simply acknowledging that there is no such thing as being completely cybersecure and that technology is complicated does nothing to fix what is a pretty poor state of affairs. So what do we do, just roll over and accept that our sensitive information is a few keystrokes away from public knowledge.
It seems that we can't just keep throwing technology at cybersecurity or pretending that it's a technology issue. Cybersecurity is about people. So what do we do?
All technology comes with an "access versus authorization mechanism" trade-off. As technology evolves, that tension evolves along with it. It's like putting a "burglar proof" padlock on your front door, and just waiting for a smarter burglar to come along. It's mainly just a social contract that says: "This is mine, please stay out".
Cybersecurity failures involving what should be sacrosanct health information have become so frequent and common that we are becoming collectively desensitized to them. There are 853 hacking investigations listed on the Health and Human Services Breach Portal website alone that have happened in the last 24 months (I checked) (U.S. Department of Health & Human Services - Office for Civil Rights).
All the AI and quantum cryptography we can dream of cannot solve cybersecurity. There is no "set it and forget it" option. Simply acknowledging that there is no such thing as being completely cybersecure and that technology is complicated does nothing to fix what is a pretty poor state of affairs. So what do we do, just roll over and accept that our sensitive information is a few keystrokes away from public knowledge.
It seems that we can't just keep throwing technology at cybersecurity or pretending that it's a technology issue. Cybersecurity is about people. So what do we do?
