Josh BressersFor security awareness month, some of us at @anchore went through some old NSA security awareness posters. They're hilariously bad. Here's day 5
I'm not sure this is how security is supposed to work ...
Villain World CardsWhy should anyone believe in cyber security?
And I'm not saying that people shouldn't want it, what I'm saying is that there doesn't actually seem to be any way to offer infosec at scale.
Oracle just disclosed that they caused what will eventually be known as the worlds largest extortion scandal (https://www.reuters.com/business/oracle-says-hackers-are-trying-extort-its-customers-2025-10-03/)
Oracle has more money, more data and more experience protecting information than any other company in the world and yet even they can't actually do the job.
These are good questions, yeah
I suspect a big part of the problem is the liability. Today if a big company gets popped, the actual liability ends up on whoever got their data stolen, not the company that lost it
We will need regulations to help shift that liability
@joshbressers Saying regulations can fix is also not really a compelling answer.
What regulation?
Regulatory capture ends up shifting the actual effect to a regulation you really, really don't want to talk about: campaign finance.
As long as grifters who take money from corporations are in power, corporations will be allowed to hurt their consumers.
Without complete, lifelong financial transparency for all politicians and their families, we have no chance of regulating away these problems.