NY requires businesses to disclose security breaches.



The Register writes that New York has passed a law that will require local government agencies and businesses to disclose security breaches. (System broken into or data stolen). I can understand businesses being reluctant to disclose this kind of information. “What will they say about us”, “bad reputation”, “we’ll lose customers”, the thoughts could go on. However, there are some people that respect a business that is up front about a problem like this.



I was impressed with Verizon’s confirmation of a problem and fairly quick resolution of a few more issues they found in yesterdays report on verizon wireless web page vulnerabilities. I guess the way I see it “to err is human”, in this case to be stand up, acknowledge it realistically and fix it is what approaches divine. We will never have perfect software. Bugs are guaranteed, but everyone affected needs to be “in the loop” when a major problem occurs. That’s what this law seems to work towards.

California has had similar measures for 2 years and another 15 states have done likewise. In this day and time information is truly power. Businesses disclosing information about breaches and compromised data gives the information and ultimately the power to decide how to deal with it to those affected.

   Send article as PDF   

Similar Posts