Ed Gibson’s comments on my recent posting on “information security fatigue” raise a timely and important issue: Should we now publicise security incidents?
I’m in favour. Compliance is already moving in this direction. And if you have any Californian staff or customers you will already be responding to this issue. So let’s come clean and report what’s really happening. It’s not without cost. It can impact your reputation. But it will quickly concentrate the minds of both business and customers.