In virtually all of the breaches of 2011, there was a human error or failure that could have been avoided. Many of the human errors involved in these breaches were basic mistakes made in the domains that (ISC)2 describes in its CISSP program. Security professionals today must understand the concepts of cryptography to protect data. The lesson we learn from this year’s breaches is that most of them were not complex hacks, but that they serve the end users that exploit users or exploit end users. As we prepare to enter a new year, the industry needs to redicate itself to better development of technology.”]
Source: https://www.cuinfosecurity.com/blogs/2011s-big-breaches-what-weve-learned-p-1136