Whether a power outage or an equipment malfunction was actually the cause of the outage, neither of those issues should have brought Delta’s systems down if the company had implemented the sort of IT redundancy that is common among major commercial enterprises.
Adoption of cloud computing services under FedRAMP has been hampered by many federal agencies’ unwillingness to accept FedRAMP authorization as sufficient or to accept ATOs granted by other agencies.
More troubling than the poor incident response (including reporting) at FDIC is the apparently complete inability of the agency to prevent large-scale data exfiltration.
Mossack Fonseca failed to understand even basic information security and privacy principles and lacked the IT management skills or oversight necessary to ensure that they were adequately protecting their own and their clients’ information.
Attackers who find vulnerable servers can deploy ransomware without any action on the part of users in the targeted organization.