tag:blogger.com,1999:blog-4088979.post4491544882277916597..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Must-Read Verizon Post Demolishes More MythsRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-4088979.post-43575589859411175332009-07-13T11:04:48.990-04:002009-07-13T11:04:48.990-04:00I think the key is "the consequences of other...I think the key is "the consequences of other data theft intrusions are not so easily observed nor tracked" tied with a reported compromise immediately tarnishes the company name and costs money.<br /><br />Having done several incident responses, I've never seen a company purposely task a consultant or employee with finding evidence of PII compromise. I have seen them halt analysis and have legal parse findings to get out of any legally required reporting. <br /><br />There are innate problems in the system that need to be addressed if we want companies to make more efforts to protect customer data.Matthew Wollenweberhttps://www.blogger.com/profile/08462281652941920773noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-32409701962196830522009-07-12T06:57:26.231-04:002009-07-12T06:57:26.231-04:00Would it be accurate to say, then, that even howev...Would it be accurate to say, then, that even however unknowingly, intruders/attackers are taking advantage of this mindset? After all, denial isn't just a river in Egypt, and if the C-level suite of folks are in that river about network-based intrusions, then isn't that the best route into an organization?H. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.com