, 2003-10-20
Encouraging publicly-traded companies to disclose their cyber security efforts would only force them to choose between providing vague and useless platitudes, or specific and dangerous details.
Expand all |
Post comment
Disclosure Plan Won't Help
2003-10-20
Montana Tenor (1 replies)
Montana Tenor (1 replies)
It's true that a lot of companies write these attacks off as, "cost of doing business on the internet", and therefor don't keep accurate information on exactly how much these attacks cost them, but think about if they did.
ROI would be that much easier to compute for one. A security individual could look at the cost of certain attacks to other like-sized organizations and present accurate information to management on how much the security measures in place likely saved their company.
Additionaly, and this is ridiculously important, there's no way in hell I'm going invest in a credit-card company with a web-presence that hasn't invested a significant amount of money in network security.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/192/23279#23279