The InfoSec Blog

IT Pros Believe Data Breach Harm Assessment Is More Valuable Than Victim Notification

Posted by Anton Aylward

http://www.pcworld.com/businesscenter/article/248724/it_pros_believe_data_breach_harm_assessment_is_more_valuable_than_victim_notification_study_says.html

Valuable to whom?

If we can learn from the mistakes of others, if they will freely disclose that they have been breached, the how and why and openly discuss remediation and prevention, they yes, this would be of value to the community as a whole.

But does that mean we mus NOT notify those affected by the breach? I don't see why they have to be exclusive.

As to free and open disclosure: I suspect there may be issues of legal liability and shareholder/stock-price value to consider.

Filed under: Risk, Security No Comments