Since GDPR came into effect, people tend to be a lot more aware of their personal data or rather, data breaches containing their personal data. Most data breaches that appear on the news tend to be what I call ‘big boy breaches’. These refer to massive breaches from the big companies consisting of millions and millions of data records.

Like many things in life, hackers are victims (and I use the word loosely) of stereotyping. You won’t find much stock imagery depicting hackers that doesn’t involve a hoodie, a dimly-lit room and several monitors full of scrolling binary text. And whilst that’s definitely sometimes true, it also makes several assumptions about hackers in general, which is at best misleading and at worst leaves you wide open to attack.

Computers are making humans now. Sort of. In a recent discussion at Bulletproof, someone casually mentioned ‘thispersondoesnotexist.com’. It’s a fairly harmless experiment in which AI randomly generates an image of a person who does not exist, thus solving the mystery of the name. This has since prevented me from sleeping at night, not least because I have turned up on it more than once.

80% of all human endeavour is committed to making money, with the remaining 20% spent finding interesting ways to spend it. These are figures that I’ve just made up, but I said it in the Bulletproof office, and everyone nodded, which either means it speaks a certain truth or, once again, everyone is doing their best to ignore me. With this in mind, it’s fair to say people tend not to put a lot of effort into something unless they know they’re going to be financially rewarded for it.

Having covered the start-up vs corporate question before, we thought we would look into which industry is currently most at risk of cyber attack. According to the Wikipedia entry ‘list of data breaches’, which contains a list of data breaches (spoilers), out of 255 data breaches over the last 15 years, historically, the hardest hit industry was ‘web’.

In an age pushing for diversity, is it fair to say cyber security is still an industry dominated by men? A quick Google search seems to suggest so. Admittedly, “cyber security industry male dominated” is a somewhat loaded search, but the point still stands. By simply peering over my monitor and surveying the Bulletproof office, I am greeted by the many grizzled faces of men staring fixedly at their screens hard at work, or at least pretending to be.

PCI DSS is an incredibly important compliance standard for those processing card payments. It stands for Payment Card Industry Data Security Standard. Whilst that doesn’t exactly roll off the tongue, it is a very resilient set of standard requirements that aims to make a business more secure. A 2018 payment security report revealed that no company affected by a data breach was completely compliant with PCI DSS.

2018 is rapidly drawing to a close. The winter chill is setting in and a festive spirit permeates the air. 2019 is hurtling towards us carrying the promise of new challenges and opportunities. However, there’s still a couple of weeks to get a few more massive data breaches in.