The Feds need to get to it. I'd prefer it to be mandatory for all 50 states to have to report potential personal information breaches. It's best for consumers.
1. There would be a website listing every company that was breeched talk about a PR nightmare
2. Any company not hit yet would be made a target by non-malicious / "ethical" hackers, thus leading to holes to be exploited.
Good idea but won't really change anything. I always just assume that every site I enter my credit card into has or will be hacked, and its up to me to make sure i'm still me and pablo in BFE florida.
Requiring to report to the authorities is okay, but being required to tell possible consumers isn't really! Anybody who has a bit of buying power is a possible consumer! And besides, people want to know the internet is safe for shopping, not that you're being robbed blind if you use it.
If your credit card details or other potential sensitive data is stolen, then the company has to tell you, there is no logical argument against it, surely if they don't and that data is then used to commit fraud or steal money then the company should be made liable,
I better damn well know when a company that has my personal information gets hacked, I'de feel a little better hearing it from them then from CNN or Fox news.
These data breaches and thefts are largely due to a lagging business culture. Google “I.T. WARS” and you can read a good bit of it on Google Books – it’s also in many libraries. Read some fresh and original thinking here - http/www.businessforum.com/DScott_02.html - I urge every business person and IT person, management (IT Governance) or staff, to get hold of a copy of “I.T. Wars: Managing the Business-Technology Weave in the New Millennium.” It has an excellent chapter on security, and how to scale security for any organization, any budget. It also has a plan template with all considerations. Our CEO has read this book. Our project managers are on their second reading. Our vendors are required to read it (they can borrow our copies if they don’t want to purchase it). Any agencies that wish to partner with us: We ask that they read it. In the realm of risk, unmanaged possibilities become probabilities.