Last year was an amazing one from the sheer number of records that were breached. Just from a rough calculation on the back of a napkin I arrived at well over one billion records compromised. One would hope that would be a lot of motivation for organizations to take security more seriously.
Here is a post that I wrote on Jan 31st, 2014 about this and why the wider community needs to focus more on defense as opposed to the next shiny zero day.
From Forbes, "1 Billion Reasons Why You Need To Focus On Security Defence"
"As the last hours wind down on 2014, I sit in my wingback chair and contemplate some of the things that have transpired in the world of security this year. In the background I watch some Monty Python with amusement as the Black Knight hops on one foot taunting his adversary, King Arthur.
King Arthur: [after Arthur's cut off both of the Black Knight's arms] Look, you stupid *******, you’ve got no arms left!
Black Knight: Yes I have.
King Arthur: Look!
Black Knight: It’s just a flesh wound.
Just wrap your head around this point. In the last year roughly one billion records were breached. Let that number ring in your ears for a moment. To be fair I included the 40 million records from the Target breach which took place in 2013 in my calculations but, ****. The year 2014 has been, without a doubt, the year of the encore performance. It seemed to be nary a week would pass with out a headline trumpeting another data breach. The problem being that we focus on the attack and we need to do more to focus our efforts on mitigation. We’ve been playing the role of the Black Knight..."
For the rest of the post keep reading over on Forbes.