A Privacy and Cybersecurity Feast of Crumbs

Nothing in privacy and cybersecurity is too inconsequential or time expedient to go through proper security channels. There may be times when taking a “short cut” is the quickest way to arrive at the result; however, that is only true if you are not ambushed or attacked, your vehicle doesn’t break down, and/or the driver doesn’t have a heart attack and drive over a cliff while you are on your way to the destination. Taking short cuts, even when successful, also have another issue that is not as easily detectable. They leave a trail of crumbs that can be collected, molded, and formed into a feast. Each datapoint, data piece, or digital artifact that can be recovered by an attacker, adversary, or inquisitive person can help to facilitate an inference, data reconstruction, or correlation attack. One’s crumbs is Two’s feast. Make sure every hard drive (including printers, scanners, fax machines, and OT gear) is destroyed or degaussed to appropriate levels, ensure systems are not leaking (through verification) before they are brought online or their ‘updates’ are implemented in production, and take special care to reduce to acceptable levels the numbers of humans (minimum required to complete the job) whom have physical access to any assets. A crumb for one being is the starting place of a feast for another.