T-Mobile, Quora, Orbitz, Google, and Marriott Starwood are just some of the names that have graced headlines in 2018, but not for positive reasons. Each of these organizations experienced significant data breaches that compromised valuable customer information. The size of these security incidents continue to grow, and there are many takeaways that security practitioners can learn from. While many of these conglomerates release statements indicating that they were compromised due to advanced threats, the fact of the matter is, a majority of the time that’s not the case.

“If you genuinely could not keep anything that you wanted to be secure, secure, then what would be the point of using technology for banking or in nuclear power plants?” Raef Meeuwisse asks. “I don’t think that’s correct. I think you can get security to a state where you can keep things protected, but it ultimately costs a lot of money.”

The question is, how much are modern-day organizations willing to invest in the security of their business, knowing the impact that a data breach could have on the bottom line?

In the latest installment of InfoSec Insider’s DeMISTIfying Security series below, security experts Ed Moyle and Raef Meeuwisse return to review the major breaches, developments, and takeaways that you can get from information security events in 2018. Be sure to tune in next week as the guys return for part two, where they look ahead into what we can expect this year.

Be sure to mark your calendars for April 1 as MISTI's InfoSec World Conference & Expo returns to Orlando, Florida for its 25th year!

 Jefferson Santos