On one hand, I hear discussions like
How do we make our encryption quantum-proof?
On the other I see hundreds (and that is no joke) of S3 buckets, Azure Blobs with even the most intimate data being completely open for everyone.
How do we expect to solve complex and difficult problems of #infosec, if we cannot even solve the easy and trivial ones reliably?
I am not talking about amateurs. Sometimes I see so much data in such storage, that the high costs involved would prevent some rando from being responsible.
And even worse: if something like this happens, there is no process to solve that.
Closing those buckets falls on shoulders of volunteers and activists and them working through dozens of contacts.
While the people exposing the data get paid well, the people trying to prevent a disaster are working for free.