Pierluigi Stella, CTO for Network Box USA:
“I confess, I’ve become jaded – I no longer read such news. In fact, the more likely the scenario, the more I am inclined to say, ‘Ah, another one.’
“Why do we continue to be surprised? We’re playing with fire, underestimating the importance of security, although we continue to talk about it as something beyond vital. At the end of the conversation, there’s always someone asking about costs and slashing budgets. And these are the results. The true risks of security cannot be measured in such rudimentary ways anymore. The time when we comparedrisk assessment to a horse in a stable (don’t spend more money for the fence than for the horse) is long gone. We need to change the approach and understand that the risks are much higher; losing your data can (and WILL) cost you your company. Data breach notification laws now require that every user be notified (and that’s standard across the board in all states), an undertaking which alone can cost a fortune. Insurance companies will cover some of that cost (if you have cyber security insurance) but you’ll still be out a lot of money. Let’s not even begin to peg a dollar value to corporate reputation and loss thereof. (How many of us refrained from shopping at Target for a long time at the beginning of this year?) That’s a cost you can’t easily quantify nor foresee.
“When will the time come when companies take security seriously ‘for real’ and not only on paper? One has to wonder.”