This newest breach will have a much greater regulatory impact than Equifax...

jcundiffjcundiff Posts: 484Member ■■■■□□□□□□
Deloitte breach will have a much greater impact than equifax... Why? one simple reason... it impacts corporations with enough voice and capital to bring change whereas Equifax impacted individuals who do not possess those resources

https://krebsonsecurity.com/2017/09/source-deloitte-breach-affected-all-company-email-admin-accounts/
"Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke

Comments

  • PristonPriston Posts: 999Member ■■■■□□□□□□
    Between the government, credit card companies, banks, and class action lawsuits. I think there will be a lot of change from the equifax breach, it just might take a few years.
    A.A.S. in Networking Technologies
    A+, Network+, CCNA
  • jcundiffjcundiff Posts: 484Member ■■■■□□□□□□
    Priston wrote: »
    Between the government, credit card companies, banks, and class action lawsuits. I think there will be a lot of change from the equifax breach, it just might take a few years.

    The Equifax breach impacted none of those, just individuals, so those named entities lose nothing, so response won't be as harsh as we would like. DT on the other hand impacted those and more (Fortune500 companies) who have resources to drive the regulatory change
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • 636-555-3226636-555-3226 Posts: 976Member
    I would like to buy tickets to travel to your fantasy land! It sounds like a great place to be!

    Unfortunately, I hate to say it, every year we see so many mega breaches involving hundreds of millions of records yet ... nothing's really changed over all those years. Lots of talk, but not really any good, industry-changing action.

    I hope you prove me wrong, I really do, but I'm a total pessimist when it comes to infosec these past few years & looking into the future.
  • jcundiffjcundiff Posts: 484Member ■■■■□□□□□□
    I would like to buy tickets to travel to your fantasy land! It sounds like a great place to be!

    Unfortunately, I hate to say it, every year we see so many mega breaches involving hundreds of millions of records yet ... nothing's really changed over all those years. Lots of talk, but not really any good, industry-changing action.

    I hope you prove me wrong, I really do, but I'm a total pessimist when it comes to infosec these past few years & looking into the future.


    Me? or Priston? I dont think Equifax changes much, but DT will introduce new regs much like worldcom and enron did
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • the_Grinchthe_Grinch Posts: 4,123Member ■■■■■■■■■■
    I think, if we see any changes (that's a big if), they will be in the establishment of federal level reporting requirements. Right now the mish mash of reporting requirements state by state are a headache at best. Needs to be a floor level set and then the states can conform. But honestly, if nothing has occurred at this point you won't see anything. Fully expect to see an argument from these companies that old regulatory requirements lead to these hacks. Mind you they work towards the check in the box and not real security.
    WIP:
    Python
    Java
  • JoJoCal19JoJoCal19 California Kid Posts: 2,736Mod Mod
    jcundiff wrote: »
    The Equifax breach impacted none of those, just individuals, so those named entities lose nothing, so response won't be as harsh as we would like. DT on the other hand impacted those and more (Fortune500 companies) who have resources to drive the regulatory change

    This.

    Look, no one really cares about us and our PII. Capitalism and companies run this country (and the Gov). If the Deloitte breach hits their pocketbooks due to lost trade secrets, etc, you can bet your rear they will sink millions into lobbying (and then getting new bills) for new regs to protect themselves and look after their interests.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSP, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
Sign In or Register to comment.