Record Number of Data Breaches in 2007

• By Lafe Low
• 01/02/2008

Folks invariably tend to look forward and backward at this time of year. One grim look back involves data security breaches. Apparently, 2007 was a record year for data breach incidences. (I can practically hear the execs at TJX groaning from here -- their office is actually about 10 minutes from what most of the Redmond magazine editors call home.)

There are two groups actively tracking data-theft reports: the San Diego-based Identity Theft Resource Center (ITRC) and a Web-based group called Attrition.org. The ITRC states that more than 79 million personal records were reported compromised last year (that's just in the U.S., by the way). That figure is four times greater than the nearly 20 million records the ITRC reported stolen in 2006. The ITRC's findings also indicate that hackers are keeping ahead of preventive measures that companies and individuals are taking to secure their systems, especially laptops. Seems like a case of too little, too late.

Attrition.org lists a whopping 162 million compromised records last year, although its figures include domestic and international events. Like the ITRC's figures, Attrition.org's numbers jumped from 49 million last year.

Both groups' 2007 reports also show more incidents of employees losing sensitive data (like the numerous instances reported here of government employees leaving laptops in cars, cabs and cantinas). These trends of data loss through theft or error aren't likely to reverse or abate any time soon, either.

How are you securing your systems in the new year? Any other security- or IT-related new year's resolutions? Let me know at [email protected].

Netscape To Breathe Its Last
Around New Year's, all the newspapers, magazines and news Web sites come out with lists of events that cover the year that just ended -- celebrities who passed, celebrities who married or had kids, celebrities who pulled major bonehead maneuvers (that's usually the longest list).

One "celebrity" from the tech world that has passed -- or is soon to pass -- is good, old Netscape (and yes, I had tongue firmly planted in cheek as I typed "good old"). Whether you love it or hate it or land somewhere in between, Netscape was indeed a pioneer. It was the first browser I used on a regular basis, and I suspect it helped many along in their introduction to all things Web.

AOL is pulling the plug on Netscape on Feb. 1. Time Warner's AOL division is ending any further development or support on Netscape, and plans to concentrate its efforts on developing AOL's ad business. How long it takes Netscape to flatline remains to be seen. You'll still be able to download and use Netscape, but there won't be any updates or patches. And we've seen how long orphaned technologies can inexplicably survive out in the open!

Just for a bit of historical perspective, the first version of Netscape came out in late 1994. Not a bad run for an Internet pioneer.

What are you using to browse? Are you a Netscape veteran? Check in with me at [email protected].

Some 2008 Predictions
Now that we've looked back on 2007, let's look ahead to 2008. So far, so good: no hangover on New Year's Day, big snowstorm in the East (which is good news for a hopeless ski bum like me), no angry e-mails now that I'm back at my desk.

IDC has released a top-10 list of predictions for the storage market. (I wonder if David Letterman will pick this up in light of the ongoing writers strike?). Its list includes:

10. Demand for de-duplication, thin provisioning and virtual tape libraries.
9. Green storage initiatives.
8. Integrated storage and server technology for small and mid-sized business.
7. Full-disk encryption to satisfy compliance regulations.
6. Value-added storage services separated from storage infrastructure.
5. Virtual servers as a conduit for iSCSI.
4. Solid-state disk drives dropping in price.
3. Object-based storage systems to classify data.
2. New role-based storage systems.

And finally,

1. More interest in storage services for data backup, archiving and replication.

Somehow, I think Letterman might pass. Interesting thoughts from IDC, naturally, although I would've expected more nods to virtual storage.

Here's another prediction for 2008: We may be able to expect a better year for information security with the help of greater standards. That's the outlook of professional services firm Halock Security Labs, which has just launched a new suite of services to address the ISO 27001 standard -- a model for establishing, implementing, reviewing, maintaining and improving information security management systems. The standard should help companies unify their security requirements under a single framework.

What's your organization's strategy for information security? What will you do differently in the new year to face new threats? I'll keep your secrets safe at [email protected].