LexisNexis Claims Disclosing Data Breaches Reduces Pain
from the of-course,-it-helps-that-they-were-required-to-by-law dept
LexisNexis ran into some trouble last year, after discovering that a data broker they had acquired had leaked a ton of data directly into the hands of criminals. Following the many other disclosures on similar cases, execs at the company went back over a history of transactions and eventually discovered fifty-nine cases where their security was breached. Around the same time, the company also called for more stringent disclosure laws, that would require companies to reveal such breaches. Such claims may ring a little hollow, because the only reason most of these breaches came to light in the first place was because of a California law requiring such disclosures — and most of the federal regulations proposed on this issue would turn out to be less stringent that the California law, requiring a lower bar in determining what needs to be disclosed. Still, for those companies who are happy about this lower bar, they might want to heed the words of a LexisNexis exec who is claiming that disclosing the breaches may have been the best thing they did in response. Of course, LexisNexis can obviously claim some distance from the problem, as it appears many of the breaches took place before they acquired the subsidiary. However, on the whole, he claims that there was very little impact, because they were direct and honest in discussing the breaches. Whether or not you believe his claims, it does make sense that being honest about a screwup like that is about the only way these companies are likely to rebuild trust. If it comes out that they lied about security breaches, it wipes out what little credibility they had left.
Comments on “LexisNexis Claims Disclosing Data Breaches Reduces Pain”
Networking: Content filtering grows
CHICAGO, April 24 (UPI) — A gullible young employee sends out a confidential document — over the Internet — that should have been sent only by overnight courier. A spy, hired by a rival firm, snags the file, with a packet-sniffing device, as it transitions from the corporate network to the Internet. Trade secrets are divulged, and the company is ruined. Experts tell United Press International’s Networking column that corporations, both large and small, are seeking to stop “information leaks,” like that, with outbound content filtering software.
“When critical data escapes, either intentionally, or accidentally, organizations face financial, legal and reputational costs,” a spokesman for Fidelis Security Systems, based in Bethesda, Md., told Networking. “As a consequence, the outbound content filtering market is experiencing exponential growth.” By Gene Koprowski