At the Tea Risk conference today. Heard a woman keynote all over me, until my brain sploded. Her talk was divided into two part:
1. A retrospective of headlines indicate that there has been no progress in information security in the past twenty years. This trip down corrupted memory lane came with wistful recollections of the punch-card, suspender snapping variety. Vax is what we should nostagicate on now. And despite her involvement in security, and yelling the same thing over and over again, No Progress Has Been Made. I was waiting for her confession that she was part of the problem, doing the same thing over and over, expecting different results. Didn't come. A slight whiff of the "stoopid luzers" but the topic was dropped without conclusion.
2. A detailed trip through her personal hell of IDENTITY THEFT! Here's what happens: on some records somewhere, her Social Security number is associated with SOMEONE ELSE! Of course, no fraudulent loans were made, no bogus entries on her credit bureaus reports, and the person used a different name, different gender, different address, different date of birth, etc. And yet, she was upset that the police were somewhat reluctant to send out an APD and marshal all available resources to investigate her claim. She hinted that she used less than legal means to get the other individual's address and driver's license, and carried around a stack of papers with all her info into a Kafkaesque morass of bureaucracy. I've seen this sort of thing before in my previous life as an investigator. It's not IDENTITY THEFT, it's a typo. I've been brewing a rant in my head about the words "identity theft," but it probably needs a while longer to attain the desired proof.
This woman's bio lists her as a "risk consultant." Maybe that's why security sux.
Morning at Tea Plantation, by Docbudie via Flickr.