[Dataloss] CEOs deserve jail for data breaches

Adam Shostack adam at homeport.org
Wed Apr 9 17:16:31 UTC 2008


On Wed, Apr 09, 2008 at 09:09:33AM -0700, Mike Simon wrote:
| It would be an amusing exercise to postulate what other kinds of things CEOs
| should receive jail time for in light of this new concept. If they choose
| biofuel over fuel cells and loose a billion dollars for investors, even though
| everyone was telling them that fuel cells were the way to go, should we lock

I think we should jail CEOs *and* security pros who get all the budget
they want, and still allow a breach.  

More seriously, it's easy to suggest that others go to jail for not
doing what we want.  I know of few professionals who'd want to accept
the risk of jail time for their errors or omissions.

So if you advocate CEOs in jail, be prepared to join them.

Adam



More information about the Dataloss mailing list