I have to keep harping on this. The looming EU regulation on hacking is a potentially huge legal liability. You cannot defend yourself in court by arguing that you hire the best people. You can defend yourself only by showing that the hacked data was encrypted.
. . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW [email protected] -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of zMan Sent: Friday, September 15, 2017 12:16 PM To: [email protected] Subject: (External):Re: Would encryption have prevented known major breaches? Hiring competent people. That's so 20th-century. Get with the program, man! On Fri, Sep 15, 2017 at 8:51 AM, John McKown <[email protected]> wrote: > On Thu, Sep 14, 2017 at 7:41 PM, Tom Brennan > <[email protected]> > wrote: > > > John McKown wrote: > > > >> IMO, encrypting data is a very good defense. Another good defense > >> is hiring competent people rather than inexpensive people and > >> giving them > the > >> time to design, code, and test their solutions. I don't have > >> statistics, but many attacks are based on coding errors such as the > >> infamous "SQL Injection" attacks. On the almost hilarious attacks > >> which succeed > because > >> "whomever" didn't bother to configure the security on some piece of > >> equipment, and left the administrator credentials as "admin/admin". > >> Of course, the people & time requirements that I mentioned "cost too much" > >> and > >> "delay time to market". Today's world is based on think up > >> something in the morning, design over lunch, create before dinner, > >> ship the next morning. > >> > > > > Did you mention admin/admin because of this news report, or just > > coincidence? > > > > http://www.bbc.com/news/technology-41257576 > > > That was the reason. I just couldn't remember if it was Equifax or > something else in the news recently; and I was too lazy to double check. > > -- > UNIX was not designed to stop you from doing stupid things, because > that would also stop you from doing clever things. -- Doug Gwyn > > Maranatha! <>< > John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
