Filed under "this-is-almost-not-even-news", an article from eWeek states that according to PGP Director of Product Management John Dasher, the employment of human beings that's the most common cause of data breaches. I can almost hear the readers saying "duh!" What confused me though is that Larry Ponemon, chairman and founder of the Ponemon Institute, told eWEEK that at least 80 percent of data breaches involve the human factor, a finding that's remained steady in the seven or so studies the institute has done over the past years. I hate to disagree with Larry, but in my not so humble opinion, the figure should be 100 percent.
Why? Consider that humans are the ones who not only handle data, but are responsible for developing the hardware and software that house and protect it. Since we humans are imperfect, everything we create is imperfect (the Common Vulnerabilities and Exposures (CVE) is a testament to this). So that makes us humans ultimately responsible for ALL breaches. As if to drive home this point, eWeek has another article which talks about how some businesses still wait until they have been bitten by breaches before turning to encryption and data leakage prevention (DLP ) tools. Again, duh! This is basic human nature on display. We don't buy the alarm system until our house or car has been broken into. We live in an imperfect world, which means there will always be a battle to fix holes and patch vulnerabilities. The difference is that an automated system (while imperfect) tends to be much more reliable than a human when it comes to reliability and consistency. We humans are the ones that become forgetful, apathetic, emotional, malicious, etc. It's the very things that make us human that make us poor choices for securing data.
No related articles.
