8 Mega-Breaches and Advice for MSSPs, Other Providers
The last several months have seen the continued onslaught of massive data breaches, and each of these catastrophic events holds lessons for MSSPs and other cybersecurity providers.
When it comes to data breaches, Paul Ducklin, Sophos’ senior technologist, has a simple and uncompromising way of explaining why things end badly for everyone.
“Imagine that you just acquired the services of the world’s biggest, most creative, most influential marketing agency, ready to run a massive global campaign especially for you,” he said. “And you told them to focus on making your organization look really bad, really quickly. Well, that’s pretty much what a data breach does for your business. There’s simply no upside, nor should there be. When you collect data from your customers for your own benefit, you owe it to them to look after it properly — to walk the cybersecurity walk, not merely to talk it.”
From Facebook to Marriott to Yahoo, the companies involved are paying dearly for the mistakes/shortcomings that led to the data breaches. The City of Chicago is suing Marriott, seeking restitution to residents that were affected by the breach, in addition to a monetary fine of at least $2,000 per offense, an injunction ordering the company to implement safeguards to avoid future breaches, plus attorneys’ fees, costs and a jury trial, according to a Legal NewsLine report.
And Facebook CEO Mark Zuckerberg could be facing personal sanctions from U.S. authorities for his company’s privacy and data breaches, just when the company admitted that an Instagram password breach had impacted millions of its users. And it was revealed last week that Facebook actually has logged 100 times more Instagram plaintext passwords than they originally disclosed last month, according to Sophos.
In the slideshow above, we highlight a number of the massive data breaches that have occurred in the past several months, and what cybersecurity providers can learn from each of them.