That wasn't so bad after all...
(Posted by adam)
There's an article in Wall Street and Technology, "When Risk Managers Cry Wolf." It opens:
Avoiding "reputation risk" is a common justification for increasing security measures, protecting customers' financial information and reporting security breaches in a timely manner. But now more than 18 months after the big ChoicePoint incident when 163,000 bogus accounts were created by ID thieves, the doom and gloom that financial services risk professionals have predicted has failed to come true.Yep. These things don't hurt nearly as much as some people were predicting. Can we move along, and start learning from them?... So this means that the “reputation risk” card carries much less punch, now that consumers are content to have 97 million personal data records exposed since February 2005. Going forward, risk managers will need to rely more on the actual costs associated with data breaches, rather than play the reputation risk card.
Bookmark this post: Posted by adam on December 22, 2006 at 12:07 PM
in breach analysis
. You can:
comment, view comments (2),
search Technorati.
Comments
163,000 fake accounts were created?
That's news to me.
Posted by: Chris Walsh | December 22, 2006 6:37 PM
"Journalistic license." More seriously, his point, that the sky is not falling, is an important one.
Posted by: Adam | December 22, 2006 6:42 PM