[Dataloss] rant: Abandon Ship! Data Loss Ahoy!
Kevin McPoyle
kmcpoyle at kmrdpartners.com
Thu Mar 20 22:00:08 UTC 2008
What I find interesting is the recognition among the readers and pundits
that this is an imperfect world with respect to security. With that in
mind, I'm unclear as to why organizations don't transfer a portion of
this risk to others through an insurance product? It seems rational and
clearly represents some mitigating of a scenario that will happen, not
if, when. Policies are readily available, negotiable and clearly a deal
compared to other costs. No one like to "waste" money on
insurance...until there is a claim. The supermarket had D&O with which
to fend off the legal dogs. Why don't they have a "cyber" policy?
Whose making these good decisions?
-----Original Message-----
From: dataloss-bounces at attrition.org
[mailto:dataloss-bounces at attrition.org] On Behalf Of Chris Walsh
Sent: Thursday, March 20, 2008 5:49 PM
To: Tracy Blackmore
Cc: dataloss at attrition.org
Subject: Re: [Dataloss] rant: Abandon Ship! Data Loss Ahoy!
IANAL, but this question of "due diligence" and comparing oneself to
one's competitors begs the question -- what harm (in the legal sense)
has been done here to anyone whose CC or debit card # was revealed?
Does your answer vary depending on whether there was fraud associated
with that card #?
_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/dataloss
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor
your traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
More information about the Dataloss
mailing list