It’s going to be interesting to see how this one pans out (further to Peter Benson’s story yesterday; Disclosure Laws – Reality Checks)
A successful action against TJX will no doubt have a tsunami effect on businesses – with global implications. Is it about time?
The Payment Card Industry DSS message and its objectives (and just plain good Information Security practices) will have no better driver than the fear of a company being the next to feel the wrath of badly burnt banks or business partners, clients, customers or …..wait for it….. Shareholders!
You’ll see the same old story if you track the links deeper. Surprise surprise, this may have been happening back as far as 2005. I hate to keep repeating myself but many (a lot, more than you would hope, a good percentage of) companies just have no idea if their systems are secure, who “owns” them, whether they have been breached in the past and whether they continue to be used by unauthorised parties. It’s been said many times …. most companies just don’t want to know!
What impact does this have on Disclosure Laws? Hmmm……