Educause Security Discussion mailing list archives

Re: WSJ Article - A Contrarian View on Data Breaches

From: Emery Rudolph <erudolph () UMD EDU>
Date: Tue, 5 Aug 2014 16:29:11 +0000

Reputation is an extension of an emotional and psychological response to safety of their data within that organization. 
As time has progressed, data breaches have lessened in actual effect on the consumer psyche because they are getting 
used to seeing them in the headlines and most importantly have not seen or felt a large negative personal effect. 
Unless you are personally victimized, where not only has your (or someone you know) information been compromised, but 
also exploited by the bad guys, you start to understand that most cases of data breach only requires you to change your 
password or credit card, which are fairly low-demand tasks. 

It's when your health records, SSN and other very personal information are stolen that you become more concerned. It 
the same visceral reaction that people are currently experiencing with Malaysia Airlines. An otherwise safe entity that 
experienced two tragedies, one of which was not their fault, but they are experiencing a huge drop in ridership because 
people do not feel safe. Their reputation is adversely effected, but over time they can earn that trust back. The same 
is true of institutions and businesses that experience data breaches - with this one caveat - In many cases, the 
prospective consumer who is concerned about data safety will only patronize you if they see that you have actively 
addressed the issue, owned up to your shortcomings and have truly put measures into place to mitigate future issues. 

You need to show that you are on top of the issue to regain public trust. If it is evident that you never took security 
seriously and that you have not adequately addressed security across the board, then you may have lost those customers 
forever. 

Very Best Regards,

Emery Rudolph, MS
Manager
IT-ETI-PS Enterprise UNIX Services
University of Maryland
(301) 405-9379
http://www.umd.edu



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
McClenon, Brady
Sent: Tuesday, August 05, 2014 12:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] WSJ Article - A Contrarian View on Data Breaches

http://www.marketwatch.com/investing/Stock/TGT/financials/income/quarter

Sales seemed to dive in Q1 for Target, but that's post-Christmas.  You would expect a drop in sales.  Wal-Mart follows 
the same pattern, albeit not as sharp, but Target had better Q4-2013 growth (which included 42 days after breach 
disclosure).

Also, the day of the breach disclosure target stock sat around $61.  It fell to a low of $54 and is already back to $59 
less than 8 months later.

I think the jury is still out on reputation impacts of the breach...


Brady McClenon
Information Technology Security Administrator Information Technology Services SUNY College at Oneonta
607-436-3203

"Quotes found on the internet are not always accurate."  - Abraham Lincoln








-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Julian Y 
Koh
Sent: Tuesday, August 05, 2014 10:16 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] WSJ Article - A Contrarian View on Data Breaches

On Tue Aug 05 2014 09:00:19 CDT, Harry Hoffman <hhoffman () IP-SOLUTIONS NET> wrote:

As far as I know Target suffered no loss of sales as a result of the breach so how exactly are we measuring impact?


<http://www.forbes.com/sites/maggiemcgrath/2014/02/26/target-profit-falls-46-on-credit-card-breach-and-says-the-hits-could-keep-on-coming/>


--
Julian Y. Koh
Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT)

2001 Sheridan Road #G-166
Evanston, IL 60208
847-467-5780
NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>

-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2014.0.4744 / Virus Database: 3986/7985 - Release Date: 08/05/14

Current thread:

Re: WSJ Article - A Contrarian View on Data Breaches, (continued)
- - - Re: WSJ Article - A Contrarian View on Data Breaches Brad Judy (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Jeff Murphy (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Kingsley, Gene (Aug 05)
- Re: WSJ Article - A Contrarian View on Data Breaches John Kristoff (Aug 05)
  - Re: WSJ Article - A Contrarian View on Data Breaches Julian Y Koh (Aug 05)
- Re: WSJ Article - A Contrarian View on Data Breaches Harry Hoffman (Aug 05)
  - Re: WSJ Article - A Contrarian View on Data Breaches Julian Y Koh (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches McClenon, Brady (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Harry Zahlis (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Hudson, Edward (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Emery Rudolph (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Wendy Wallman (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Harry Hoffman (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Ruth Ginzberg (Aug 05)
    - Re: WSJ Article - A Contrarian View on Data Breaches Manjak, Martin (Aug 05)
  - Re: WSJ Article - A Contrarian View on Data Breaches Torgersen, Eric A (Aug 05)