[ISN] IT pros say data breach assessment is more valuable than notification, study says

From: InfoSec News <alerts_at_private>
Date: Thu, 26 Jan 2012 00:55:31 -0600 (CST)

By Lucian Constantin
IDG News Service
January 25, 2012

IT professionals believe that assessing the potential harm caused by 
data breaches is more useful to mitigating the effects of such incidents 
than notifying affected individuals, according to a survey published on 
the day the European Union's proposed a 24-hour deadline for data breach 

Entitled "Aftermath of a Data Breach," the study was sponsored by 
information services company Experian and was conducted by the Ponemon 
Institute, which surveyed 584 experienced IT professionals working for 
companies that suffered a data breach involving consumer records during 
the past 24 months.

The questions asked by the Ponemon Institute tried to establish the 
circumstances leading to the data breach, the company's response and the 
incident's impact on the affected organization's data protection 

One of the study's most interesting conclusions was that while notifying 
victims and regulators are the most common steps taken by companies in 
the aftermath of a data breach, IT professionals don't view them as the 
most important actions for reducing the negative consequences of such 


Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
Received on Wed Jan 25 2012 - 22:55:31 PST

This archive was generated by hypermail 2.2.0 : Wed Jan 25 2012 - 22:59:29 PST