Another Data Breach, Another Day
Well well, what do we have here. Another data breach you say? Wow, how crazy. It must have been a super skilled black hat hacker, full of hacking knowledge and super duper hacking level skills to break in!
“Left the server with millions of customer data without a password”
…what the f***! How does that even happen. You’re a company with hundreds of millions of dollars in revenue, your IT team should be solid. There should be a combination of certified and well educated people and people who have down right years of experience and skill. You need this now as a IT team, because I hate to say it, if you don’t have a combo of this, you’re going to get this kind of breach.
I have sat down for these certifications, and let me tell you, they’re expensive and they’re basically all memorization. That BA and Masters in Computer Science that most of these companies want, means that person is out of the loop in IT for those 4 to 8 years, learning mostly from material that hasn’t changed in a decade. I have ran circles around people with BA’s in IT and yet I see so many large companies want that BA over me.
A great example is talent like Iddris Sandu- the tech genius who created key algorithms used by Uber, Snapchat and Instagram. He didn’t even go to College nor bother with a certification right after high school. And yet, had he applied to one of the major companies who use his algorithm, he wouldn’t have been hired.
And if you have hired talent and they still forgot to set a password or even a freaking firewall, then that’s not talent, that’s just layers of experience they formed after years of doing and not learning from doing.
So you ask, how does a IT team forget to set a password on a server- this is why. You hired all paper and no talent.
Yes,lives are at stake here, it’s no joke. We can’t be having missteps here in the cyber side because people’s data are important and people’s lives are not just expendable.
We should not be getting ‘used to data breaches’ we should be getting angry, and class action lawsuits should be rolling out because we cannot let these multi billion dollar companies get away with ‘whoops my bad’. Data is crucial, that’s why hackers and governments go after it. Did you think your age, location and gender was no biggie? No that’s valuable data, that’s why they ask you it on forms. Did you think your credit card information was only useful to nefarious criminals? No, governments like that information too.
The latest hack with the Marriott Hotel was the line for me. That was millions of people’s passport information that was stolen, that is SERIOUS. It can seriously mess up someone’s life.
There needs to be ramifications to this. Yes, if it was a serious level hacking that no matter what the company did, the hackers would get in, that’s different. But a simple configuration or password left out, that’s just careless.
What are your thoughts? Should we accept the breaches as a new reality, or should there be consequences to the companies playing around with our data?