It seems like only last week that I was lamenting the state of our government's security, and having a laugh at their expense. It seems that way because it was. Well, it's happened again.
Big headlines again this morning telling of how the Ministry of Defence has now lost information on '600,000 would-be recruits'. I'm not laughing any more. Yes, I still think the media are blowing it up a bit, and yes, I think the very same media will drop data-security like a lead weight as soon as the public are bored of it, but for now I am in my element and I'm in uneasy alliance with them.
[In fact if you're reading this, I guess I've become the media. The only difference is there is no picture of Paris Hilton's breasts further down the column although that gives me yet another great plan for improving site statistics.]
We've now had 8, yes 8, publicly disclosed data breaches at various levels of government in less than 3 months. This MUST have been going on before this, and I can't see any evidence of steps being taken to stop it. Surely I would have received a phone call by now if they were..?
I don't know if it's just a coincidence, but business for me in the private sector has gone supernova in the last 3 months too. Maybe whatever the government is experience is being replicated across the country, and big business is keeping schtum where the public sector can't. Although it is more likely that PCI DSS is now becoming a reality for e-commerce practitioners, it goes to show that us security guys aren't just sitting here saying stuff for the sake of it. It really does happen. Those who are being pro-active may not see the benefits of this, but those who aren't sure as hell will see the downsides.
Maybe not today, maybe not tomorrow, but soon...