Wednesday, April 02, 2008

"It Was an Insider!" = "Sorry, We Are Idiots!"

Hannaford breach the work of an insider? I think whoever made this one up was thinking like this:

We are PCI compliant, we pretend to have good security, etc ->
we suffer a huge embarassing data loss ->
how can we still justify our past efforts as worthwhile and "effective" (even though reality just proved they were not) ->
let's invent a factor that is known to bypass many of the existing defenses ->
what this factor? ->
Yes! Insider! It was an insider! ->
We KNOW it :-)

(Mike R doubts it too here)

Some of the stories on this get downright idiotic, like this: "

Dr Anton Chuvakin