8 Million Sales Records On Amazon, Ebay, Shopify Exposed – Security Expert Opinion

The DevOps revolution and cloud computing have resulted in a double edged sword for enterprises. The same tools that enable organizations to move fast have caused untold, embarrassing breaches like this, showcasing the direct result of rapid adoption without sufficient security oversight. These security incidents continue to recur, all following the same script - customer data gets uploaded to cloud server; well-meaning developer neglects to password protect or encrypt that externally exposed database; hacker or threat researcher exposes the data. Unencrypted, unauthenticated, publicly accessible databases wait for bad actors to discover them. Despite billions invested in security, enterprises are failing at the infosec equivalent of washing their hands. Since an organization can't improve what it can't measure, the starting point for a company to improve their cyber hygiene is to inventory, categorize, and measure the criticality of their assets. From there, basic resilience begins with identity, encryption, and network segmentation.  Read Less