<html>
<body>
<font size=3>RE: The radio analogy:<br><br>
That took one massive disaster with thousands of lives lost. Those kinds
of incidents seem to pique interest in "getting it right", much
the same as the disaster of 9.11 inspired major changes to the building
codes now used in regards to stairwell design, fire-proofing and
emergency procedures.<br><br>
So far we haven't learned of a major disaster in dataloss of any great
magnitude, primarily (I would suppose) because #1) they dont want us to
know about it. #2) Insurance they've bought covers it, and theres no
incentive for the insurance companies to reveal the magnitude or method
of the losses, lest they inspire someone else to use the same tact, or
#3) (Which is my favorite, most probibal theory) They can simply charge
off to the consumers, the costs of losses, either in higher rates,
premiums, costs of insurance, etc. etc. etc. Which fleeces ALL equally,
giving them a way to profiteer off their losses. And since this is
particularly despicable, raping those that DO practice good, safe, best
practices, its a thing they readily absorb, and jack up the rates making
everyone pay excessive amounts. <br>
This is the theory of auto insurance, take the worst drivers, and rape
everyone at a fraction of their rates, and spread the costs over the base
who do not drive bad. This insures continued fleecing of the very worst
drivers at confiscatory rates, while a few dollars more from everyone
adds up to huge profits.<br><br>
So until major dataloss incident, that can not be covered up, flows
out onto the street and people scream for preventive measures, don't hold
your breath. Something like a few billion being scammed by the Russian
mob doesn't even come close here. Hell, the US Housing and Urban
Development (HUD) took a $4 billion loss and nary batted an eyeball,
(like how many of us heard of it?) so if they're not blinking at a few
billion, what DOES constitute as a major incident?<br><br>
Money doesn't seem to count, peoples information is more sensitive by
far. Money doesn't make noise, people DO! And rest assured, one of these
days, some deep pockets organization will do something horribly
incompetent, and hundreds of thousands will start a class action suit
that will cripple them enough to cause everyone else to rethink security
from the ground up. We can all hope that's the way it goes, because if we
let the law-vultures have a go at writing rules and regs, we're starting
at the very rock bottom of incompetency.<br><br>
<br><br>
<br>
<blockquote type=cite class=cite cite="">Best practices also change
quickly--from the introduction of radio to<br>
the time that a ship was expected to have a radio to avoid
negligence<br>
wasn't all that long.<br>
</font></blockquote></body>
<br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</html>