Introducing: Cyber Resilience
What We Do
Whether browsing the internet on a mobile device, or maintaining dozens of servers, we place trust in the security and integrity of the systems to which we are entrusting our most valuable data. With every decision we make to trust in such systems, we expose ourself a bit more to the risk that a breach might compromise this information. With every permission granted, every personal detail entered, you open yourself up a bit more to such a possibility. This is cyber risk: a fact of life in the world of today, endemic to any activity relying on internet-facing technology.
Yet the truth is that even as technology continues to improve and quicken, cyber risk is invisible to most enterprises taking on your privileged information. Unfortunately, in recent years, the only events that have meaningfully alerted the corporate and administrative worlds to the importance of cyber risk have been massive breaches of the sort suffered by retail giant Target or dying web portal Yahoo. A devastating, criminal compromising of sensitive data should not be the cost of doing business. Institutions should treat your personal information with the respect it demands; if they do not, they too will suffer the consequences.
In keeping with UpGuard’s utility as a cyber resilience platform giving full visibility into, and control over, IT systems, we know just how serious this problem can be. We’ve seen the problem firsthand. We have seen how cyber risk can afflict businesses and government agencies, exposing vulnerable people to harms that can last for decades. As the first cyber resilience platform, we want to help raise awareness of this critical issue in ways that are immediately relevant to the people affected by them.
But perhaps we can do more. Perhaps the best way to serve this public interest is by finding the breaches themselves. This website, and the work published here, seeks to aid that mission, as we find breaches where they live, helping to secure them and informing the public of how the most prominent institutions have succeeded or misstepped in achieving cyber resilience.
The most immediate and potentially consequential impact we can have is in finding exposed data before those with malicious intent do, alerting stakeholders to secure the information, and raising awareness of cyber risk as a critical issue with a broader audience. The exposures are out there, and unfortunately plentiful. By finding these breaches, the Cyber Resilience Team at UpGuard, here at CyberResilience.io, can demonstrate the supreme importance of securing the future of technology — one breach discovery at a time.
Who We Are
Cyber Risk Analyst Chris Vickery
As a security researcher, Chris possesses a long track record of professional distinction and success discovering major data breaches and vulnerabilities across the cyber landscape. Previous achievements have included reports on the online exposure of hundreds of thousands of patient medical records, an illegal spam operation insecurely storing 1.4 billion target email addresses, a series of unsecured MongoDB databases which threatened the security of millions of internet users, and a publicly accessible database containing the voter registration records for 93.4 million Mexican citizens. As a researcher and analyst, Chris has helped to protect the most sensitive data of hundreds of millions of people, while raising awareness of the looming issues of cyber risk.
Cyber Resilience Analyst Dan O’Sullivan
Dan’s writing and journalism has appeared in VICE, Rolling Stone, Salon, The Daily Beast, Gawker, and Deadspin. His essay for Jacobin about labor exploitation in professional wrestling was anthologized in The Best American Sports Writing 2015. As a writer and analyst, Dan communicates the most important and relevant lessons of data breaches to both technically-proficient readers and to a general audience of those most affected by cyber risk.
