• @[email protected]
      111 months ago

      Right? It’s insane. I have been doing infosec since the 90s and it is wild how everyone back then was arm waving and doomsaying and talking about digital Pearl Harbor and all that… while nothing all that big was happening.

      I mean they were right. But compared to the last ten years? Holy sweet baby Jesus. We’ve had dozens of digital Pearl Harbors. One after another.

      And still most companies don’t take infosec seriously enough. Just as it is with any externality (climate change, pollution, people’s well being), anything beyond purely growing profits is low priority. So they are making the same mistakes, coding the same bugs, falling for the same social engr attacks. Over and over again.

      Meanwhile there’s a huge profit incentive for the criminals and huge benefits for state-level attackers, so they’re throwing everything they have at it.

      If I’ve been involved in less than a couple dozen breaches by now I would be shocked.