Reporting of Information Security Breaches
Reporting of Information Security Breaches
A Reporter's View: Corporate Information Security and the Impact of Data Breach Notification Laws
This chapter presents an insider's view of how information about corporate information security breaches reaches the public. It says that “[d]espite the passage of state-level data security breach notification legislation in many states, journalists still often have to rely on sources other than the companies and organizations that experience a breach for information about a breach—either because the breach is not considered newsworthy or because the data that are stolen do not fall into the category of data covered by notification laws.” Journalists learn about breaches from a number of sources. Rarely, though, are companies or organizations that experienced the breach the first to reveal it. The chapter describes some of the practical limitations of data breach notification laws with regard to public disclosure of corporate security breaches. It argues that companies fear that disclosing such information would place them at a disadvantage with competitors and make them vulnerable to lawsuits from customers as well as to other potential intruders.
Keywords: corporate information security, data security, security breach, journalists, public disclosure, data breach notification laws
Stanford Scholarship Online requires a subscription or purchase to access the full text of books within the service. Public users can however freely search the site and view the abstracts and keywords for each book and chapter.
Please, subscribe or login to access full text content.
If you think you should have access to this title, please contact your librarian.
To troubleshoot, please check our FAQs , and if you can't find the answer there, please contact us.
