The week before Labor Day is always a slow news cycle but things must have really been crawling at a snail’s pace for一周前的劳动节，始终是缓慢的新闻周期的东西，但必须有确实一直在抓取在蜗牛的步伐 InformationWeek 信息周刊 to run this story…运行这个故事…

The gist of the story is eighty-seven percent of consumers said they lost respect for businesses after those companies lost customers’ personal information, according to InfoSurv’s survey of 400 consumers.精神的故事是87 ％的消费者表示，他们失去了尊重企业后，这些公司失去顾客的个人资料，根据infosurv的统计调查结果显示， 400名消费者。 Tablus, a company that provides systems for protecting software, backed the survey and announced the results Tuesday. tablus ，公司提供系统保护软件，支持调查并公布结果，周二。 According to Tablus, respondents’ comments indicated that a loss of personal information equals a loss of business because consumers believe businesses should place a high priority on maintaining trust and the confidentiality of their information. 据tablus ，受访者的评论指出，亏损的个人信息等于损失了生意，因为消费者相信，企业应放在高度优先地位，保持信任和保密，他们的信息。 In fact, 96% of respondents said that protecting customers from data breaches should be a company’s highest priority. 事实上，在96 ％的受访者表示，从保护客户数据的违反应该是一个公司的最高优先事项。 Ninety-five percent of respondents said there is no excuse for exposing customers’ confidential information, and 93% said that businesses are obligated to protect sensitive content. 95 ％的受访者表示是没有借口，揭露客户的机密资料，以及93 ％的说，企业有责任，以保护敏感内容。 Ninety-four percent of respondents said if there’sa technology to prevent the loss of confidential and personal information, all businesses should use it. 94 ％的受访者表示如果有技术，以防止损失的机密和个人资料，所有企业都应该使用它。

Why isn’t this news?为什么没有这一消息？ First, because it’s old news.首先，因为它的旧新闻。 A simple Google search would have shown this.一个简单的Google搜索将显示这一点。 Also companies such as此外，公司如 Forrester Research Forrester Research公司 , ， Gartner Gartner的 and和 Protegrity protegrity ( full disclosure, Protegrity is a BlinnPR client ) have been talking about this subject for months now. （ 全面披露， protegrity是一个blinnpr客户端 ）一直在谈论这个问题的几个月现在。 In fact, Forrester and Protegrity have actually calculated in real dollar amounts what a data breach could cost a company.事实上，在Forrester公司和protegrity其实计算，在真正的美元数额有什么数据可以违约成本的公司。 And lastly, anybody who closely follows security and data breaches knows that at RSA 2006 and 2007 this topic was presented as part of a panel discussion.最后，任何人谁紧随安全和数据违反知道，在RSA的2006年和2007年这个题目是作为一个组成部分，小组讨论。 How do I know?我怎么知道？ Yes, I was at RSA but I was also a panelist both years.是的，我是在RSA的，但我也是一个小组成员都年。

This isn’t about bashing InformationWeek or being the ultimate arbiter of what they should or should not report on.这不是扑头信息周刊或作为裁决的最终裁决是什么，他们应该或不应该的报告。 I’ll leave that up to people who are legends in their own mind.我会离开，直至人谁是传说在他们自己的主意。

No, my point is this.不，我要说的是这一点。 We already know data breaches are harmful to a company’s brand.我们已经知道的数据违反有害的一间公司的品牌。 What we really should be concerned with is making data breaches part of a company’s crisis communications plan.我们真正应该关注的是决策的数据违反的一个组成部分，公司的危机沟通计划。 I can tell you from first hand knowledge that data breaches are not and they should be.我可以告诉你，从第一手知识，数据违反不和他们应。

Bookmark to: 书签：

While playing 18 holes of golf at Van Cortlandt Park in the Bronx over the weekend, I read online that it took Monster.com about five days to disclose a data breach where the personal information of a whole mess of grumpy job seekers, hoping that posting their resumes on Monster would result in a life of happiness and prosperity, got stolen.而扮演了18个洞的高尔夫球场在车cortlandt公园在布朗克斯本周末，我在线阅读，它采取了monster.com约五天披露的数据，违反所在的个人资料，整个一团糟的老百姓着想的求职者，希望调职自己的简历上的怪物，会导致生活的幸福和繁荣，得到被盗。

I can’t answer the question about whether five days was too little or too much, but I can give you an idea about what you need to know before you disclose to customers, the media and in most cases your bank and credit card companies.我不能回答这个问题是否五天太少或太多，但我可以给你一知道哪些是您需要知道您之前透露给客户，媒体和在大多数情况下，您的银行和信用卡公司。 You need to know what happened, what and how much was stolen, who was affected, and what you are going to do to make sure it doesn’t happen again.您需要知道到底发生了什么，什么有多少被人偷去，谁受到影响，和你怎样做，以确保它不会再发生。 Maybe not with 100% certainty what happened or who the perpetrator(s) were, but enough to know generally what broke, so that you can assure customers you will fix it.也许不是与100 ％确定性所发生的事情或谁是肇事者（ ） ，但足够的了解，一般发生什么，这样你可以保证客户你会解决它。

This ultimately comes down to a trust game, and I’d advise anyone to have more information (even if it takes a few days extra), then less.这最终归结为一个信托的游戏，我要提醒的人有更多的信息（即使需时数天内额外的） ，则更少。 Saying “we’re screwed, we just don’t know how big the pole is” doesn’t engender confidence in your customer base.他说： “我们正在拧，我们只是不知道有多大，极是”不产生信心，在您的客户基础。 If you can’t get that information after a certain amount of time, then you need to disclose anyway - but understand you’re going to be pummeled ala TJX.如果您无法得到的信息后，一定数额的时间，那么你就需要披露无论如何-但我们了解您将会本周助理法律顾问t jx。

That’s why I harp time and time again about crisis communications.这就是为什么我竖琴时间和一次又一次的危机有关的通讯。 It’s going to happen to you, it’s just not clear when.这将会是发生在你身上，只是不明确时。

Bookmark to: 书签：

Credit for this entry goes to Henry Blodget at the 信用为这个项目去唐英年答在 Silicon Alley Insider 硅巷内幕 … …

Five days after Ukrainian hackers busted into a “rogue server” and stole contact info for 1.3 million Monster users, Monster told the users.五天后，乌克兰黑客破获成为一个“无赖服务器”并偷走了联络方式，为130万用户的怪物，怪兽告诉用户。 But it did so in one of the most inscrutable但这样做是在其中一个最inscrutable press releases新闻发布 ever written.以往的书面。

Bookmark to: 书签：

RSA Conference RSA会议 , which I’m speaking at next year, is looking for the most innovative emerging company in the information security industry for its Innovation Station program, held in conjunction with RSA Conference 2007, Feb. 5-9, 2007, at San Francisco’s Moscone Center. ，我在明年，寻找最创新的新兴公司，在信息安全产业为它的创新站计划，在举行与RSA会议2007年2月5日至9日， 2007年，在旧金山的Moscone中心。

The submission process is now open for pre-IPO companies in the information security technology space interested in participating.提交过程，现在开放供首次公开招股前公司，在信息安全技术的空间，有兴趣参加。 Companies must be privately held and in business for fewer than two years, with confirmed 2006 booked revenues under $5 million and a new product or service introduced between March 2006 and February 2007.公司必须私下举行，并在营业不到两年，证实2006年订下收入500万元及一个新的产品或服务的介绍之间的2006年3月和2007年2月。

Once selected, these companies are provided with a unique opportunity to showcase new products or services to a judging panel comprised of leading venture capital investors, CSOs, press and industry experts, as well as exhibiting in a special Innovation Station pavilion on the expo floor.一旦选定，这些公司都提供了一个独特的机会，以展示新产品或服务的一个评审团组成的领导风险资本投资者，民间社会组织，新闻界和业内专家，以及参展，在一个特别创新的站亭对世博会发言。

The winner will be named “the most innovative new company” at RSA Conference 2007 and be promoted on the RSA Conference 2007 Web site and in a follow-on press release, and also be provided two individual face-to-face meetings with members of the judging panel after the conference (subject to availability).冠军将被命名为“最具创意的新公司”在RSA会议上， 2007年晋升上的RSA会议2007年网站和在后续对新闻发布，也可提供两个单独的面对面的会议，与成员评审团会议后（视情况而定） 。

To nominate your company as a candidate for the Innovation Station, please visit提名您的公司作为一个候选人，创新站，请访问 www.rsaconference.com/2007/us/expo/additional/innovation/ . 。

Nominations will close Friday, Dec. 8, at 5 pm PDT.提名将关闭星期五， 12月8日下午5时在太平洋夏令时间。

Bookmark to: 书签：