The Root Causes of Data Breaches

Big Breaches

Abstract

What are the root causes that have allowed attackers to break into so many organizations? This chapter mainly focuses on six technical root causes. Before delving into those, we first discuss three of the “meta-level” root causes: failure to prioritize security, failure to invest in security, and failure to execute on security initiatives. One may argue that these three types of failure (to prioritize, invest, and execute) can apply to almost anything important in life or business, but in this chapter we cover some of the specifics as they relate to security.

Notes

  1. A. Vidyasagar, The Art of Root Cause Analysis, https://asq.org/quality-progress/articles/best-of-back-to-basics-the-art-of-root-cause-analysis?id=7fb5c50d917d4bb8839230516f3e3e61

  2. The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation, Majority Staff Report, Committee on Oversight and Government Reform, U.S. House of Representatives, 114th Congress.

  3. www.fedsmith.com/2018/09/21/bolton-confirms-china-behind-opm-data-breaches/

  4. While we use CISO here, the security leader could be a CSO (Chief Security Officer). One potential difference between a CSO and a CISO is that a CSO typically is also responsible for physical security. For the purposes of the discussion here, we use CISO and CSO interchangeably, as most such security leaders spend the bulk of their time on information security.

  5. CISO Report: Four CISO tribes and where to find them (Version 2.0). Synopsys. www.synopsys.com/content/dam/synopsys/sig-assets/reports/ciso-report.pdf

  6. Reshaping the cybersecurity landscape, Deloitte & Touche, 2019. www2.deloitte.com/us/en/insights/industry/financial-services/cybersecurity-maturity-financial-institutions-cyber-risk.html

  7. For the advanced reader, note that these root causes are not parallel concepts in the sense that, for example, phishing is an attack while unencrypted data is about lack of a security control (encryption) being employed. However, we focus on these root causes to keep the list short, practical, and easy to understand even if they are not conceptually parallel.

  8. Gary McGraw and Edward Felten, Java Security (Wiley, 1996).

  9. “Shellcode” is so named because attackers would often leverage such types of vulnerabilities to give themselves access to a “command shell”—a program that would let them issue commands of their choice without authentication or authorization on the compromised machine. The code that the attacker sends to gain access to a command shell is the “shellcode.”

  10. A free online book chapter on the SolarWinds hack is available on this book’s website at www.bigbreaches.com.

  11. Leaky Buckets, https://businessinsights.bitdefender.com/worst-amazon-breaches, Bitdefender.

© 2021 Neil Daswani and Moudy Elbayadi

Cite this chapter

Daswani, N., Elbayadi, M. (2021). The Root Causes of Data Breaches. In: Big Breaches. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6655-7_1
