![]() Sensitive data is a lucrative target for threat actors - as can be seen in the rapid growth in ransomware attacks ( PDF). These incidents are a direct result of current gaps in cloud data security, starting with lack of visibility. IBM has found that the average time to identify a data breach is 243 days). (In all fairness, while discovering that a major incident happened four months ago seems terrible, it’s actually better than some industry benchmarks. This led the company to issue conflicting statements which only furthered the reputational damage to themselves, and potentially hindered their customers from applying the correct mitigation measures. LastPass took months to detect the incidents, and additional months to understand the full scope of each breach and the extent to which customer data was compromised. The second incident ended on October 26, and was only uncovered at the end of February. The initial breach happened in August, and was reported by LastPass in December. One of the most shocking aspects of these incidents is how long they took to uncover. Cloud security isn’t data-centric – which allows these incidents to fly under the radar The broader damage caused by this leak is not entirely clear. It's safe to guess that dozens - across engineering, security, and upper management - will spend months or years mitigating the damage. It's not at all clear if the company will manage to regain user trust and recover from the blow dealt to its reputation. ![]() This is an eye-watering amount of sensitive data that can now be used maliciously. Configuration data, API secrets, and third-party integration secrets. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |