“Take a look at the headlines in any security news outlet and one thing really stands out. There are data breaches everywhere. That happen all the time, to organizations that know better. And it’s not like anyone wants a data breach. In fact, just the opposite is true. Companies try really hard to prevent them, often to no avail.
So, why are so many data breaches happening? The truth is there are a lot of reasons. According to Help Net Security, two of the biggest reasons are social engineering and unsecured databases. In addition to these though, there is another, often overlooked reason.”
Check out the rest of the blog here.
What has been your experience? Have you worked somewhere that treated cybersecurity properly as a continuous process, or was it mostly just getting your SOC 2 Type II and then letting the effort lapse until the next annual audit?