this post was submitted on 11 Jul 2023
25 points (100.0% liked)

United Kingdom

4077 readers
106 users here now

General community for news/discussion in the UK.

Less serious posts should go in [email protected] or [email protected]
More serious politics should go in [email protected].

Try not to spam the same link to multiple feddit.uk communities.
Pick the most appropriate, and put it there.

Posts should be related to UK-centric news, and should be either a link to a reputable source, or a text post on this community.

Opinion pieces are also allowed, provided they are not misleading/misrepresented/drivel, and have proper sources.

If you think "reputable news source" needs some definition, by all means start a meta thread.

Posts should be manually submitted, not by bot. Link titles should not be editorialised.

Disappointing comments will generally be left to fester in ratio, outright horrible comments will be removed.
Message the mods if you feel something really should be removed, or if a user seems to have a pattern of awful comments.

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 year ago (2 children)

Can anyone explain why data breeches appear to increasing and large organizations appear powerless to prevent?

[–] [email protected] 11 points 1 year ago (2 children)

I'll put money on out of date OS and lack of budget for any kind of upgrades.

I've just filtered my incoming bug reports by people still running Windows XP. Almost all of them are pharmacies. You tell them to upgrade, and that they're not PCI-DSS compliant. For 9 years.

The rest of the NHS is likely even worse.

Sad thing about IT security, it's one of those things that costs money and you don't see the benefits. Only the catastrophic failures.

[–] [email protected] 3 points 1 year ago

'Why are we paying all this money out when we could just save the money and never upgrade' -- some manager, somewhere.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

It's not an OS, but I worked for the NHS for a time a year ago. They still use Internet Explorer...

[–] [email protected] 2 points 1 year ago (1 children)

Chances are they use some internal sites that only work in IE. Could even be using some Java Applet or ActiveX plugin that hasn't been patched in 15 years.

Even Chrome abandoned everything pre-Windows 10 earlier this year. I reckon there's more machines than not that couldn't upgrade OS even if they wanted to.

[–] [email protected] 1 points 1 year ago

That wouldn't surprise me at all. The explanation I was given at the time was literally "because it has private browsing".

[–] [email protected] 4 points 1 year ago (1 children)

It's a lot multiple factors, opportunity cost, increase of online users due to pandemic, home from work, but biggest one being companies/governments don't care about customer/user data so they they do bare minimum required by law to secure it. Which makes them an easy target. Getting breached is just part of doing business and a lot private companies just pay ransomware and go back to normal business.

[–] [email protected] 4 points 1 year ago

I would have thought the Information Commissioners Office UK, would have the power to issue hefty fines. Mind it sounds like those may the consequence of doing business as well. Depressing.