The Adobe Breach This Week Should Get Your Attention
The software company's revelation was barely noted in a day crowded with shutdown politics.
Yesterday, software company Adobe announced that hackers had penetrated its network, compromising the information of some 2.9 million customers as well as the source code of numerous Adobe products.
Adobe's revelation was barely noted in a day crowded with news about the government shutdown and Capitol shooting. Unlike past data breaches that have garnered significant attention, Adobe's announcement seemed to register with few people.
The lack of attention to a significant attack begs the question: Is cybersecurity seeing its ebbtide?
Comprehensive cybersecurity legislation from Congress is all but dead this year. Any chance of passage was largely deflated by Snowden's revelations, which turned attention away from protecting networks from intruders to protecting information from the government.
The Obama Administration's efforts to implement its executive order on cybersecurity continue to progress, with NIST's cybersecurity framework due out in the coming weeks. But the government shutdown has effectively halted the project and, even once it is completed, there does not appear to be overwhelming enthusiasm surrounding its release.
Agencies’ cybersecurity programs are puttering along, though some advancements have fallen victim to the fiscal fights and slowdowns affecting Washington.
Outside of government, it feels as it companies aren't talking as much about cybersecurity and that groups like Anonymous are not gaining the headlines they did a year ago.
While the past two to three years have been frantic on the cyber front, it would appear that the trend we’ve seen in the past -- a flurry of intense activity followed by a lull -- may be occurring now.
What does this mean for cybersecurity? How long before the tide rises and cybersecurity is again front and center? Unclear. For those who have been around cybersecurity policy for a while, it is not surprising and we've seen this before. We can only wonder how long before it makes a comeback as a priority issue, and when it does, whether vulnerabilities can acuallly be addressed.