Disclosure Plan Won't Help

Disclosure Plan Won't Help
Mark Rasch, 2003-10-20

Encouraging publicly-traded companies to disclose their cyber security efforts would only force them to choose between providing vague and useless platitudes, or specific and dangerous details.

Expand all | Post comment

Disclosure Plan Won't Help 2003-10-20
Anonymous (1 replies)

An alternative is a requirement that companies post statements of losses due to security failures in general figures such as manhours and costs of upgraded equipment. While it is less effective after the fact, a known track record can provide predictions about future success against attacks and failures.

Such disclosures do not give attackers useful information, and they need not be vague. THe biggest change would be that the companies must track security expenses more carefully.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/192/23253#23253

Disclosure Plan Won't Help 2003-10-24
Anonymous

Disclosure Plan Won't Help 2003-10-20
Montana Tenor (1 replies)

Disclosure Plan Won't Help 2003-10-20
Mark Rasch (1 replies)

Fort Knox is closed for a reason... 2003-10-23
HellCat

Disclosure Plan Won't Help 2003-10-21
Anonymous

Disclosure Plan Won't Help 2003-10-22
Dennis Jugan