A shadowy figure sits in a dark room, lit only by a laptop, tapping away at a command line. Disheveled clothes hang on him, a hood over the headphones covering his ears.
This person is about to cause one of the biggest data breaches of the year.
But he isn’t a hacker — he’s a system administrator, setting up a new database to ship customer data to a third party. The request to build this came in at the last minute, needed to be done yesterday, and the sysadmin — already managing an overstuffed data center — had to construct and deliver the system outside of the usual process. But he forgot a crucial configuration to secure the database from public connections, leaving it exposed to the Internet.
This scenario, as anyone who has worked in IT knows, is far more common than that of a breach caused by an elite hacker who cracks encryption and busts through firewalls — a nightmare that, comparatively, almost never happens.