zlacker

There are millions of companies even century or decade old ones without a hacking incident with data extraction. The whole everyone gets hacked is copium for a lack of security standards or here the lack of deprecation and having unmantained systems online with legacy client data. Announcing it proudly would be concerning if I had business with them. It's not even a lack of competence... it's a lack of hygiene.

>>BoredP+(OP)
>There are millions of companies even century or decade old ones without a hacking incident with data extraction.

Name five.

>>bragr+N1
The pedantic answer is to point to a bunch of shell companies without any electronic presence. However in terms of actual businesses there’s decent odds the closest dry cleaners, independent restaurant, car wash, etc has not had its data extracted by a hacking incident.

Having a minimal attack surface and not being actively targeted is a meaningful advantage here.

>>bragr+N1
There are definitely companies who have never been breached and it's not that hard. Defense in depth is all you need

>>udev40+Yc
Isn't defense in depth's whole point that some of your defenses will get breached?

>>Realit+Yu
Take the OP. What defenses were breached? An old abandoned system running unmantained in the background with old user data still attached. There is no excuse.

>>Retric+n4
>there’s decent odds the closest dry cleaners, independent restaurant, car wash, etc has not had its data extracted by a hacking incident.

And there's also a decent chance they have. Did we not just have a years long spate of ransomware targeting small businesses?

>>bragr+Am1
Most ransomeware isn’t exfiltrating data. For small business you can automate the ‘pay to unencrypt your HDD’ model easy without care for what’s on the disk.