NetworkTigers asked Ben Walker for his perspective on personal cybersecurity.
In 2024, the average cost of a data breach in the United States is $9.36 million. As of June 2024, there were 2,741 publicly disclosed incidents and a staggering 6,845,908.997 records breached, with healthcare taking first place for publicly disclosed incidents, followed by finance. In August 2024, 5,984,639 people were impacted by data breaches. Every week, NetworkTigers reports on the latest cybersecurity breaches and failures in its weekly news roundups. Our articles dissect data breaches, cyberattacks, hackers, and hacking techniques. But what does it all mean for individuals?
Ben Walker has been writing for NetworkTigers for nearly four years. He creates the weekly news roundup and many of our editorials. We asked him:
After four years of immersing yourself in research for cybersecurity news and stories, how have you changed your thinking about personal cybersecurity? This was his perspective on personal cybersecurity.
I’ve got MFA (multi-factor authentication) on everything that supports it, and now I let Apple create and retain impossible-to-memorize passwords for me. While I’m sure that carries its own risks, there is really no other manageable way for an individual to get by today. Everything you want access to requires the creation of a potentially hackable account, and there is simply no way for people to remember all these ridiculous strings of characters. We’re drowning in passwords.
Scammers tend to message me any time I put something up for sale online and, like everyone, I get the occasional text or Facebook message from clearly fraudulent sources. The internet, and social media in particular, has really become a bot-ridden, spam factory at best and an algorithmic clickbait anger generator at worst. I don’t think I’m any more diligent there than I used to be, as I find it pretty easy to determine what’s real and what’s fake and I’m terribly uninterested in crypto and messages from scantily-clad strangers on Instagram.
In my opinion, the bigger picture is that we’re in a post-privacy world. When huge telecoms and healthcare giants are breached and bleed out loads of data belonging to almost everyone who lives in the country, the average person is helpless to do anything and it makes preaching about password hygiene feel a bit like bailing out the Titanic with a teaspoon. Between huge hacks and social media’s siphoning of everyone’s self-submitted data for advertising or AI-training purposes, it’s basically at the point where if you want to participate in the modern world you have to accept surveillance and exploitation from entities both corporate and criminal.
My dad is still a paper and pencil kind of guy. He’s never trusted the internet and avoids any and all transactions online if at all possible. He feels that this keeps his personal data safe, but I had to break it to him recently that if he has an account with any bank, healthcare organization, ISP, etc., his efforts are likely for naught, and his personal information is floating around the internet in one or more of the many blobs of user data that make their rounds from one threat actor forum to another. My wife and I just got our breach notifications from Change Healthcare in the mail today and I expect he probably did too. Sorry dad!
I think that each generation is more accepting of the impossibility of keeping private data safe. My wife recently lost her Social Security card and my dad’s concern about “identity theft” was near panic. To her and I, however, that tattered little piece of paper is meaningless in the face of how many times her number has likely already circulated online.
If there is any consolation whatsoever to this mess, it’s that these big hacks are meant to strongarm major corporations into forking over tons of cash. The fact that my Social Security number is in the mix is incidental, because I don’t think RansomHub is after my personal checking account. These data hoards will simply serve as leverage, depreciating every year as fewer and fewer people worry themselves with privacy and organizations feel less and less concerned with doing anything about it.
Will that data eventually be trickled down to other threat actors who may attempt to use it for nefarious purposes? Maybe … but it’s just too overwhelming even to conceptualize how to stop it, and once something is out there, it’s basically available forever. We’re in a weird position right now where data privacy feels both incredibly critical but also totally unimportant. I think individuals feel their data is impossible to protect and I don’t see any reason why big companies would be compelled to make them believe otherwise, as customer apathy about this issue is in their best financial and legal interests.
I think cybersecurity concerns are relevant to people in critical positions where they hold the keys to something that could be used for government/corporate espionage or a ransomware attack … but at this point in time I feel that average citizens just need to not open spam emails and avoid clicking links on social media like we’ve been doing since 2005.
Ben Walker
About NetworkTigers
NetworkTigers is the leader in the secondary market for Grade A, seller-refurbished networking equipment. Founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms, NetworkTigers provides consulting and network equipment to global governmental agencies, Fortune 2000, and healthcare companies. www.networktigers.com.
