Voices
$240 million so far, that amount
doesn’t take into account the
fraudulent charges individuals had
to fight and is itself split among
the many financial institutions
whose customers were affected by
the breach. Meanwhile, Target said
in January that it expected to lose
only 2-6 percent of sales over last
year, and only in the first quarter.
That is why these breaches are
just going to keep happening: in the
absence of laws or regulations forcing all companies to protect your
data (and your money) better, companies simply aren’t going to lose
enough money in a data breach to
“justify” the costs of better security.
Meanwhile, all of us will end up
paying more to offset the costs of
these breaches, in terms of higher
account fees, lower service levels and the like. But better laws
requiring companies to protect
the customer data they use, collect and store do not appear to be
coming your way any time soon.
Deep in the midst of this current and ongoing cyberinsecurity
epidemic, the White House issued
its long-awaited “guidelines” for
cybersecurity and critical infrastructure last week. In the document, its authors wrote:
ADAM
LEVIN
HUFFINGTON
03.02.14
Similar to financial and reputational risk, cyber security risk
affects a company’s bottom line.
It can drive up costs and impact
revenue. It can harm an organization’s ability to innovate and
to gain and maintain customers.
Why might a document laying
out guidelines and best practices
have to remind its readers and
target audience that there are se-
In the absence of
laws or regulations forcing
all companies to protect
your data (and your money)
better, companies simply
aren’t going to lose enough
money in a data breach
to ‘justify’ the costs of
better security.”
rious costs to bad cybersecurity
practices? Because the guidelines
have no force of law and no incentives to encourage companies to
comply — and the administration
says it has no plans to track if or
how anyone even bothers to comply with the framework, anyway.
It’s not like these companies
don’t know what best data security