There are so many hacks going on – in a big, general sense, and yet the news and information about these seems to me to be less and less prominent. I was reading around security, databases, all of that which we beat up pretty regularly here on SSWUG – and realizing that there are a good number of headlines kind of quietly floating around.
…and yet we hear about the less and less and I just have to feel like we’re getting numb to all of this.
If you talk to people less involved in tech, and ask about these, the first thing I usually hear about is that they’re not worried about their credit card details as much anymore. They can call and get new cards (or issue new cards in their phone’s pay app) and any charges they don’t recognize are reversed for them.
This seems pretty good in terms of protection. But the implications to business are incredibly difficult. I don’t know how many people that you may be talking with realize it, but the credit card company pulls those refunds and credits from the end-retailer in most cases. So that protection being taken care of out of the goodness of the credit card issuer’s heart, well, isn’t. It’s out of the pocket of the retailer.
Someone, somewhere, just took their product or service for free. They pay that ultimate price, even though they likely had NOTHING to do with the acquisition of an illicit credit card number. They just were the target of its use.
The responsibility to protect information is incredibly complex and difficult. I don’t know, frankly, that we’ll ever really be “in front” of it, preventing all such types of attack. But when I realize that we’re not really talking about these hacks much anymore (I mean, seriously. The largest I know of was Yahoo! – the only thing you really hear about it is “wow, that’s a lot of names and information that was taken. That stinks!”) I get worried.
We have a responsibility to protect information and do all we can and keep tuning and tweaking and learning about things going on. We have to understand how these hacks happen, not even so much to punish the systems that were hacked, but to work toward shutting down that entry point. It’s like a bad game of whack-a-mole, pretty soon all of the holes in the game will have moles sticking up out of them, staring us down if we don’t keep after knocking them back.
OK, so, strange analogy, but I think we can do more to not be comfortably numb on all of this.