Information - Protected?

It is interesting to see the changes in information and how people want to protect it or not. I look at the recent breaches and many had millions of records that were accessed by adversaries and there was not really much backlash from anywhere.


Have breaches become so normal that people no longer think of them as a big issue?


Or, has it become so overwhelming that it is just easier to not acknowledge the whole issue at all?


Recently, my sister was having a discussion with a work colleague and they were discussing what would be helpful in security. They discussed that people do not always know what is good and bad or what they need to do. She made the comment that she just wanted an application that would give her the right thing to do to protect her information or know what to do and when to fix it.


My family gets guidance when it comes to the protection of their own data. They get texts to update their phone when it is urgent and have privacy screens on their phones. All of them can spot phishing with ease and are wary of anyone asking for more than basic information. I forget that work calls have been overheard by my family for quite a while now and some of the information really does stick.


My favorite is when they show me phishing attempts and comment that the person did not even try to trick them. 


How do I protect people from their data being stolen from places? Well, I have no idea at all. Some places require data to conduct business. Trusted places that one would expect there to be security and monitoring in place that have had recent breaches. Once your information is out there, how do you get it back or removed? Some companies will help with this situation. However, your information is still somewhere you do not want it to be. 


It does get overwhelming quickly and I think the best method is to limit what information you provide, monitor where your information is, and ensure you do not fall for phishing. Opt out of whatever you can and do not use your primary email for your online purchases. Separate as much as you can and be a bit suspicious of things that are too good to be true.


I do not think that there will be a change in the value of data anytime soon. I think there are different uses from the adversary who gained access to the mental health records of patients to use it against them to gaining access to larger companies that have gaps in their security.


There is not much you can do to tell if a company is secure because even if a company has third-party audits there is no guarantee that there is not a gap or a zero-day that can be exploited. 


Best advice is find your trusted suppliers that have security programs and work to improve. I always find it a red flag when companies state they have had zero security incidents. I have a REALLY hard time believing that. Nothing at all? In today’s environment, that is really hard to believe.

Comments

Post a Comment

Popular posts from this blog

Understanding Protection (SC)

Understanding Protection (SC) These controls focus on protecting system boundaries, communications, and preventing unauthorized data exposure. Let's break down the key SC controls with examples. SC-1: Policy and Procedures This foundational control requires documented policies and procedures for system and communications protection. Example: SYSTEM AND COMMUNICATIONS PROTECTION POLICY Version: 2.1 Last Updated: 2025-01-02 1. PURPOSE This policy establishes requirements for protecting the organization’s cloud infrastructure and communications. 2. SCOPE Applies to all cloud systems within the authorization boundary. 3. POLICIES 3.1 Encryption Requirements - All data in transit must use TLS 1.2 or higher - All data at rest must use FIPS 140-2 validated encryption - Key rotation required every 365 days 3.2 Network Security - All external connections must traverse a DMZ - Firewall rules follow deny-by-default principle - Monthly review of access control lists 4. PROCEDURES 4.1 Firewall ...
Read more

Security Assessment (SA) Controls

The Security Assessment (SA) family of controls, derived from NIST 800-53 Revision 5, plays a pivotal role in keeping systems secure over time. What Are the Security Assessment (SA) Controls? The SA family of controls focuses on ensuring that security controls are assessed for their effectiveness and are continuously monitored throughout the life of the system. This means checking whether the security measures in place are not only effective but remain effective and up-to-date as time progresses. For FedRAMP Moderate, these controls are crucial because: They ensure security controls are evaluated regularly. They support continuous monitoring for vulnerabilities or weaknesses. They establish corrective actions when necessary. SA-1: Security Assessment and Authorization Policies and Procedures Control Overview SA-1 requires the development of security assessment and authorization (A&A) policies and procedures. These procedures outline the process for conducting security assessm...
Read more

FedRAMP Moderate Rev 5 SI Controls

  In this post, I'll break down each SI control in FedRAMP Moderate Rev 5 and provide tips.   SI-1: System and Information Integrity Policy and Procedures The key to a strong base is well-documented policies and procedures.  For SI-1, organizations must: - Develop and maintain system and information integrity policies that address purpose, scope, roles, and responsibilities - Define procedures for implementing security controls - Review and update these documents at least annually Example:  Create a System and Information Integrity Policy document that includes: - Malware protection requirements with procedures - System monitoring procedures - Software and firmware update processes - Security alert handling processes and procedures - Error handling protocols  SI-2: Flaw Remediation Flaw remediation is key for maintaining system security.  Organizations must: - Identify, report, and correct system flaws promptly - Test software updates before deployment...
Read more