[ISN] Businesses More Concerned With Reputation Than Fines

From: InfoSec News <alerts_at_private>
Date: Fri, 22 Jul 2011 01:14:53 -0500 (CDT)
http://www.pcworld.com/businesscenter/article/236073/businesses_more_concerned_with_reputation_than_fines.html

By Tony Bradley
PCWorld
July 20, 2011

There has been an epidemic of data breaches in recent months, prompting 
action in the United States Congress to introduce new legislation to 
protect consumer data. A recent survey, however, found that most 
businesses are more concerned with their own brand integrity and 
reputation than whatever punitive damages might result from compliance 
mandates.

The Secure and Fortify Electronic Data Act--better known as the SAFE 
Data Act, is currently making its way through the United States House of 
Representatives. If passed, the legislation will create a national 
framework for information security and data protection, along with 
national laws governing disclosure when a breach occurs.

Testifying before a House subcommittee in June, BSA President and CEO 
Robert Holleyman, said "It requires organizations that hold sensitive 
personal information to implement reasonable security procedures. It 
creates market incentives to adopt strong security measures. It ensures 
that consumers will be notified when a breach puts them at risk of 
identity theft, fraud or other unlawful activity," adding, "By creating 
a uniform, national framework that preserves an enforcement role for 
state authorities, it also streamlines compliance burdens. The net 
effect will be good for businesses and consumers alike."

On the other hand, a recent survey conducted by jointly by CyberSource 
and Trustwave reveals that businesses are not intimidated by 
legislation, or concerned about financial penalties associated with 
compliance mandates and regulations. What businesses are concerned with 
is their own reputation and the integrity of their brand.

[...]


___________________________________________________________
Attend Black Hat USA 2011, hosted at Caesars Palace in
Las Vegas, Nevada July 30-Aug 4, offering over 60 training
sessions and 9 tracks of Briefings from security industry elite.
To sign up visit: http://www.blackhat.com
Received on Thu Jul 21 2011 - 23:14:53 PDT

This archive was generated by hypermail 2.2.0 : Thu Jul 21 2011 - 23:16:27 PDT