topic 2017 Ponemon Cost of Data Breach Study in Member Support https://community.isc2.org/t5/Member-Support/2017-Ponemon-Cost-of-Data-Breach-Study/m-p/4373#M495 <P>Hi,</P><P>&nbsp;</P><P>Please share your feedback to the 2017 Cost of Data Breach from Ponemon</P><P><A href="https://www.ibm.com/security/data-breach" target="_self">https://www.ibm.com/security/data-breach</A> in light with the comments made by Calyptix <A href="https://www.calyptix.com/top-threats/top-3-causes-data-breach-expensive/" target="_self">https://www.calyptix.com/top-threats/top-3-causes-data-breach-expensive/</A></P><P>&nbsp;</P><P>My personal point of view is that the top root cause of the 2017 data breaches should be "human error" or simply said "negligence". In fact I understand human error as an unintended error for example a system administrator doing a mistake while performing a configuration. But for the examples listed by Calyptix here below, I see them as pure negligence. The activities should be planned enforced by&nbsp; proper policies, security baselines and procedures to avert the breaches.</P><P>&nbsp;</P><P>Examples of the ways human error can lead to data breaches include:</P><OL><LI>Failure to apply patches to known vulnerabilities</LI><LI>Employees leaving laptops or other devices in unlocked cars, where they are <A href="https://www.calyptix.com/hipaa/discover-the-top-3-causes-of-hipaa-violations-and-their-simple-solutions/" target="_blank">easily stolen</A></LI><LI>When an employee mistakenly emails sensitive information to an unintended party</LI><LI>When a database containing confidential information is unintentionally configured to be internet facing, and thereby accessible by search engines</LI></OL><P>&nbsp;</P><P>Brigitte.</P> Sun, 17 Dec 2017 21:12:32 GMT JoshuaGabriel 2017-12-17T21:12:32Z 2017 Ponemon Cost of Data Breach Study https://community.isc2.org/t5/Member-Support/2017-Ponemon-Cost-of-Data-Breach-Study/m-p/4373#M495 <P>Hi,</P><P>&nbsp;</P><P>Please share your feedback to the 2017 Cost of Data Breach from Ponemon</P><P><A href="https://www.ibm.com/security/data-breach" target="_self">https://www.ibm.com/security/data-breach</A> in light with the comments made by Calyptix <A href="https://www.calyptix.com/top-threats/top-3-causes-data-breach-expensive/" target="_self">https://www.calyptix.com/top-threats/top-3-causes-data-breach-expensive/</A></P><P>&nbsp;</P><P>My personal point of view is that the top root cause of the 2017 data breaches should be "human error" or simply said "negligence". In fact I understand human error as an unintended error for example a system administrator doing a mistake while performing a configuration. But for the examples listed by Calyptix here below, I see them as pure negligence. The activities should be planned enforced by&nbsp; proper policies, security baselines and procedures to avert the breaches.</P><P>&nbsp;</P><P>Examples of the ways human error can lead to data breaches include:</P><OL><LI>Failure to apply patches to known vulnerabilities</LI><LI>Employees leaving laptops or other devices in unlocked cars, where they are <A href="https://www.calyptix.com/hipaa/discover-the-top-3-causes-of-hipaa-violations-and-their-simple-solutions/" target="_blank">easily stolen</A></LI><LI>When an employee mistakenly emails sensitive information to an unintended party</LI><LI>When a database containing confidential information is unintentionally configured to be internet facing, and thereby accessible by search engines</LI></OL><P>&nbsp;</P><P>Brigitte.</P> Sun, 17 Dec 2017 21:12:32 GMT https://community.isc2.org/t5/Member-Support/2017-Ponemon-Cost-of-Data-Breach-Study/m-p/4373#M495 JoshuaGabriel 2017-12-17T21:12:32Z