As the conversations surrounding the Heartbleed bug continue to multiply, and as is the case with any widespread security breach, individually, we are often left with a lingering question: Who caused this and who is responsible for fixing the problem?
Instead of playing the data breach blame game, you need to take control of the situation. Do a few simple things every day and make yourself a tougher get, have the tools to quickly determine if you are in harm's way and have a solution in place to deal with the fallout.
Don't focus on assigning blame. Focus on improving the systemic and organizational mechanisms in the development and testing culture that made it possible for such a bug to exist in the first place.
When our forensics investigators are called to look into the cause of a data breach, the majority of the time the initial point of entry is tied to a weak password.
Since many websites ask you (or even require you) to use your email address as a username, that information is also vulnerable to the Heartbleed bug. Welcome to the beginning of phishing season.