Damian Gordon

University Lecturer, Technological University of Dublin

In the past few years, you must have noticed depressingly regular reports of data breaches, cloud leaks, and cyberattacks occurring. It would be easy to tell ourselves the problem is that hackers have become so much smarter, or that the systems have become too complex to manage, but the reality is that tech organizations don’t take their own security sufficiently seriously, and they don’t treat our personal data with the stewardship that we would hope for from them. These organizations think of our personal data as a commodity that can be bought, sold, and traded on the markets. What they don’t realize is that our personal data represents fragments of our lives. When a data breach occurs, it is often we as individuals who suffer, as the breach adds to our stress, subtracts from our time, multiplies our fears, and divides us from other people.

This issue is most noticeable in the case of cloud storage, where leaks are constant; the organizations that employ these services appear to have little understanding of how their cloud instances are configured and seem unable to audit and manage them. These misconfigured instances (usually storage buckets or databases left accessible to the general public) have been responsible for many of the largest data leaks in recent ...