CEOs deserve jail for data breaches

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.techworld.com/security/news/index.cfm?newsID=11924

By John E. Dunn
Techworld
08 April 2008

A growing number of security pros believe that the way to stop data 
breaches from happening is simple as it is stark - send the CEOs or board 
members deemed responsible to jail.

The opinion emerged from a survey by security mainstay Websense at the 
recent UK e-Crime Congress, which polled 107 security professionals on 
their opinions. Seventy-nine percent believed that companies should be 
fined for data breaches . something that does already happen in some cases 
in the UK . while 59 percent were in favour of compensation for consumers 
affected by a breach.

The most striking view of all was that the time had come to punish serious 
data breaches with jail time for senior staff, with 25 percent rating that 
as a necessary step. Only three percent were against any form of 
legally-enforceable punishment.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml