Tuesday, August 18, 2009

The same TJX hacker?

How many more breaches were perpetrated by Albert Gonzalez? According to new charges, he is saddled with TJX (from before) and now with Heartland as well as Hannaford! The guy has been busy, no doubt.

What was it that made these breaches similar? And what did we not learn from the first ones that we let Albert and gang do it again and again? Obviously there are many theories - but my view is, at the end of the day, infrastructure protection can get you only so far.

We need an information-centric approach to protection where the focus is not on the pathways, perimeters and devices, but on the data itself. Imagine if this had been the case in the above breaches, where data was stripped off networks or taken from servers. If that data were protected at rest and in flight, it would not have mattered if the data were copied outside the company - it is protected! It remains encrypted!

Better, more logical and more effective security. But it seems like folks are still in the rush of "protect the infrastructure"...

