In the news over the last 48 hours we have seen two different types of security breaches on online services and that lead me to wonder where does the responsibility lie for these breaches?
The first one was Google Mail where certain people were subject to a phishing attack the other was the Sony Network. Now to me its obvious where the responsibility lies in both cases but what I was after is others opinions on this as our lives are increasingly going online and the information is being held by other people.
The Google Mail case for me isn’t Google’s problem as their security hasn’t been breached in a sense, due to the fact that the user has responded to a phishing attempt aimed at them. The problem then becomes with these attacks on individuals does the company in question step in, while in this case even though I know it isn’t really a breach of Google’s security I believe that Google has a social responsibility to do something about these attempts. What also complicates the responsibility in this case is the fact the attack was sent via email which is what the service that is being provided is also another complication. Should the spam filters have caught this attempt?
The Sony case however I believe is completely down to Sony to sort out as it is an attack on their entire network. Where these attacks come from I don’t know as I haven’t looked into it enough and I would be very much interested to know why Sony are being targeted so much of late.
To conclude I think both these attacks on the different companies illustrate just where the barrier is for the responsibility of care is whether it is the companies responsibility or the end user, that being said it is not an exact science and it would look good on companies if they took actions to stop future attempts which I am sure both companies are doing.
Let me know what you think.