Saturday, October 29, 2005

Responding to a security breach

NetworkWorld has a great article on how to respond to security incidents involving personal or corporate data:

Responding to a security breach

...But organizations can reduce their overall losses by reporting breaches in a timely manner and offering whatever help they can to the affected parties, Penn says. On the other hand, organizations can compound their losses by covering up and delaying reporting, such as the case with ChoicePoint, whose stock dropped by 15% after fraud in its system exposed 145,000 credit identities in February. And health maintenance organization Kaiser Permanente was fined $200,000 in August for a three-month delay in reporting an exposure of patient data posted on a publicly accessible Web site used for help desk support....

No comments: