BreachExchange mailing list archives

Re: CEOs deserve jail for data breaches

From: Adam Shostack <adam () homeport org>
Date: Wed, 9 Apr 2008 13:16:31 -0400

On Wed, Apr 09, 2008 at 09:09:33AM -0700, Mike Simon wrote:
| It would be an amusing exercise to postulate what other kinds of things CEOs
| should receive jail time for in light of this new concept. If they choose
| biofuel over fuel cells and loose a billion dollars for investors, even though
| everyone was telling them that fuel cells were the way to go, should we lock

I think we should jail CEOs *and* security pros who get all the budget
they want, and still allow a breach.  

More seriously, it's easy to suggest that others go to jail for not
doing what we want.  I know of few professionals who'd want to accept
the risk of jail time for their errors or omissions.

So if you advocate CEOs in jail, be prepared to join them.

Adam

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

Current thread:

Re: CEOs deserve jail for data breaches, (continued)
- - Re: CEOs deserve jail for data breaches James Ritchie, CISA, QSA (Apr 09)
  - Re: CEOs deserve jail for data breaches Allen (Jun 30)
- Re: CEOs deserve jail for data breaches Rich Kulawiec (Apr 09)
  - Re: CEOs deserve jail for data breaches Ghercoias, Catalin (Apr 09)
    - Re: CEOs deserve jail for data breaches Allan Friedman (Apr 09)
    - Re: CEOs deserve jail for data breaches [LONG] Rich Kulawiec (Apr 09)
- Re: CEOs deserve jail for data breaches Casey, Troy # Atlanta (Apr 09)
  - Re: CEOs deserve jail for data breaches Eric Nelson (Apr 09)
    - Re: CEOs deserve jail for data breaches James Childers (Apr 09)
- Re: CEOs deserve jail for data breaches Mike Simon (Apr 09)
  - Re: CEOs deserve jail for data breaches Adam Shostack (Apr 09)
    - Re: CEOs deserve jail for data breaches Max Hozven (Apr 09)
    - Re: CEOs deserve jail for data breaches Stefan Wahe (Apr 09)
    - Re: CEOs deserve jail for data breaches Rich Kulawiec (Apr 09)
    - Re: CEOs deserve jail for data breaches lyger (Apr 09)
- Re: CEOs deserve jail for data breaches grexpectations (Apr 09)