Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management
Troy Hunt: Why Data Breaches PersistMore Data, Use of the Cloud and IoT Presage Even More Big, Bad Breaches
Bad news for anyone who might have hoped that the data breach problem was getting better. "I'm just seeing a massive rate recently of breaches" of many different styles and sizes across seemingly every sector, says Troy Hunt, the Australian security researcher who created the free Have I Been Pwned? breach-notification service.
See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion
"Anecdotally, it just feels like we're seeing a massive increase recently," he says. "I do wonder how much of it is due to legislation in various parts of the world around mandatory disclosure as well. Maybe we're just seeing more stuff come to the surface that otherwise may not have been exposed."
But the potential for even bigger breaches also continues to rise, he says. “I don’t see any good reason why data breaches should be reducing, certainly not in numbers," Hunt says. "I reckon there are a bunch of factors … that are amplifying certainly the rate of breaches and also the scale of them." Such factors, he says, include the ever-increasing amounts of data being generated by organizations and individuals, the increasing use of the cloud - and the ease of losing control of data in the cloud - as well as the many more internet of things devices being brought into the world.
In a video interview at the recent Infosecurity Europe conference, Hunt discusses:
- Long-term forecasts about data breach quantity and severity;
- Why breach perpetrators so often continue to be children;
- How so much “smart” technology aimed at children continues to be beset by abysmal security.
Hunt is a Microsoft regional director and MVP, Pluralsight author and internet security specialist. He has testified before the U.S. Congress on the impact data breaches are having on society. This month, he was inducted into the Infosecurity Europe Hall of Fame and delivered a keynote speech to mark the occasion (see 10 Highlights: Infosecurity Europe 2019 Keynotes).