Every time I see a data breach caused by a third party vendor, I can't help but wonder why are these big companies so deeply reliant on outsourcing, yet so lax when it comes to controlling security?
Usually some regulation change that the company is not aware off, they have to run to find a fix as soon as possible, some business guy who don't know anything about tech find a vendor who are ready to sell a solution (they probably created their whole business last month on a gamble that the new regulation would be passed and that businesses would be rushing for a solution). Then they simply buy that solution "for compliance" as a top down decision, even when internal employees ring the warning bell.
I don't think incidents like this are minor. I believe personal information security is very important. Maybe they see the consequences as small, but I don't.
theknarf|4 months ago
kevincox|4 months ago
atbvu|4 months ago