I think I might have mentioned recently that your main cyber risk is your own staff, and that it’s more often carelessness than ill intentions. Apparently I was being clairvoyant again: yesterday Boeing notified the regulator that an employee had accidentally sent out the personal details of 36,000 staff in an email to his wife.
Now Boeing has to pay for identity theft cover for all those affected (about $350k before volume discount). So it’s worth avoiding.
The irony, as kindly pointed out by The Register, is that you can buy software that prevents this kind of leak. The software in question is – of course – produced by Boeing.
Ps – Boeing had to tell the regulator because of breach disclosure laws. As of May 2018, you’ll have to as well.