Halloween is over, and that means stores and online merchants are switching into high-gear Christmas mode. Pretty soon, we’ll all be hearing nothing but holiday songs — those we love, and those we don’t.

Trick or Treat…or Data Breach?

Before we start putting up decorations and searching for the perfect gifts for the geeks on our list, we need to stay in the Halloween zone and look at the results from October’s poll, where we asked you to share the security threats that scare you the most.

I suggest you head to the store and take advantage of some awesome post-Halloween candy discounts, because you’re going to need a few tasty treats after reading these terrifying tales! Here is a random sampling of some of the many responses:

  • “Data breaches have to be what scare me the most. Every 2-3 months, my credit card company sends me a new card because my info was part of a data breach. If they're getting my CC#, they're most likely getting other information along with it!” – Ben Liebowitz
  • “Custom made APTs, which can currently be purchased on the deep web by anyone with the intentions and money. They are zero-day threats, since those who create them test them against the main products of the cybersecurity market to guarantee their effectiveness. They really take my dream away; they are the protagonists of the horror stories that you would listen to in a cybersecurity boot camp.” - Daniel Casañas
  • “Password policies where you ask for so much complexity or change it so often that people will write them down somewhere. Usually real close to the keyboard, Doh!” - FFournier
  • “Overreliance of 3rd party libraries in binary form... no telling what's been accidentally/purposely embedded in them.” – John Tankersley
  • “A common flaw in all the stupid IoT light bulbs that allow them to be taken over and used in a massive attack against DNS servers to bring down entire internet. Oh yeah, and zombies/Skynet of course.” – Chris Thibeau
  • “Weak passwords. No backup.” – Philippe Nault
  • “My biggest fear is that our EMC Storage Array (primary storage for ~190 VMs) goes completely belly-up in the middle of the week. Yes, we have backups, but we're looking at days to restore all the data even if we got a hardware replacement immediately.” – Cyberinferno
  • “Weak password, and have to use my DR plan.” - Kjartan Konradsson
  • “Data breaches are the fear of all companies now with the EU bringing in GDPR, just look how much Facebook is been fined. Simple loop hole that has been a feature of FB for as long as I can remember.” – Thomas Clarke

All of the responses to our poll were great — which also means they were terrifying. To see the full list, please click here.

Personally, the threat that freaked me out the most was put forward by Logan Poe, who wrote:

  • “My biggest fear is one that is already happening, but behind the scenes. It is a global database of biometric traits where anyone can be monitored no matter where you go. This includes fingerprint scans, gait recognition, facial recognition, and even speech recognition. I majored in Biometric Security and learning about what we can do with all that data scares me.”

You said it, Logan. I don’t think the general public realizes that biometric traits can't be replaced. Once they are hacked, you're done!

The Winners

OK — that was enough terror for one day. Let’s all unwrap some Halloween treats and focus on something fun and happy: like picking the winners of October’s poll!

First of all, everyone who enforces strong password policies and security governance is already a winner. Thank you for doing your part to make the landscape safer.

Now, for the lucky individuals who will each receive a $25 Amazon gift card…drum roll please…congratulations to Ffournier and CyberInferno! Please send me an email at dsthilaire@devolutions.net to get your prize.

The November poll is dropping tomorrow, and everyone will have a new chance to win. Stay tuned!