Costs for breach notification
Nov 27th, 2009 by Jesper Kråkhede
New laws are emerging in Europe that have their origins in the US. They state that companies and organizations that experience a breach in which information is lost have to go public in one way or another. This means that public humiliation and loss of face become a cost to take into account, as does the cost of informing all affected users if that is required. Losing a database with two million customer records will generate a very large cost.
Hopefully this will help to further strengthen the case for the CSO and CIO when arguing with the board about investment costs for security mechanisms. Hopefully we will also see better evaluation and better use of security mechanisms when investment is driven from an information perspective rather than an infrastructure perspective.
Gartner report: Breach Notification Laws Are Coming to Europe, ID Number: G00172761