The week before Labor Day is always a slow news cycle but things must have really been crawling at a snail’s pace for一周前的勞動節，始終是緩慢的新聞週期的東西，但必須有確實一直在抓取在蝸牛的步伐 InformationWeek 信息周刊 to run this story…運行這個故事…

The gist of the story is eighty-seven percent of consumers said they lost respect for businesses after those companies lost customers’ personal information, according to InfoSurv’s survey of 400 consumers.精神的故事是87 ％的消費者表示，他們失去了尊重企業後，這些公司失去顧客的個人資料，根據infosurv調查的400個消費者。 Tablus, a company that provides systems for protecting software, backed the survey and announced the results Tuesday. tablus ，公司提供系統保護軟件，支持調查並公佈結果，週二。 According to Tablus, respondents’ comments indicated that a loss of personal information equals a loss of business because consumers believe businesses should place a high priority on maintaining trust and the confidentiality of their information. 據tablus ，受訪者的評論指出，虧損的個人信息等於損失了生意，因為消費者相信，企業應放在高度優先地位，保持信任和保密，他們的信息。 In fact, 96% of respondents said that protecting customers from data breaches should be a company’s highest priority. 事實上，在96 ％的受訪者表示，從保護客戶數據的違反應該是一個公司的最高優先事項。 Ninety-five percent of respondents said there is no excuse for exposing customers’ confidential information, and 93% said that businesses are obligated to protect sensitive content. 95 ％的受訪者表示是沒有藉口，揭露客戶的機密資料，以及93 ％的說，企業有責任，以保護敏感內容。 Ninety-four percent of respondents said if there’sa technology to prevent the loss of confidential and personal information, all businesses should use it. 94 ％的受訪者表示如果有技術，以防止損失的機密和個人資料，所有企業都應該使用它。

Why isn’t this news?為什麼沒有這一消息？ First, because it’s old news.首先，因為它的舊新聞。 A simple Google search would have shown this.一個簡單的Google搜索將顯示這一點。 Also companies such as此外，公司如 Forrester Research Forrester Research公司 , ， Gartner Gartner的 and和 Protegrity protegrity ( full disclosure, Protegrity is a BlinnPR client ) have been talking about this subject for months now. （ 全面披露， protegrity是一個blinnpr客戶端 ）一直在談論這個問題的幾個月現在。 In fact, Forrester and Protegrity have actually calculated in real dollar amounts what a data breach could cost a company.事實上，在Forrester公司和protegrity其實計算，在真正的美元數額有什麼數據可以違約成本的公司。 And lastly, anybody who closely follows security and data breaches knows that at RSA 2006 and 2007 this topic was presented as part of a panel discussion.最後，任何人誰緊隨安全和數據違反知道，在RSA的2006年和2007年這個題目是作為一個組成部分，小組討論。 How do I know?我怎麼知道？ Yes, I was at RSA but I was also a panelist both years.是的，我是在RSA的，但我也是一個小組成員都年。

This isn’t about bashing InformationWeek or being the ultimate arbiter of what they should or should not report on.這不是撲頭信息周刊或作為裁決的最終裁決是什麼，他們應該或不應該的報告。 I’ll leave that up to people who are legends in their own mind.我會離開，直至人誰是傳說在他們自己的主意。

No, my point is this.不，我要說的是這一點。 We already know data breaches are harmful to a company’s brand.我們已經知道的數據違反有害的一間公司的品牌。 What we really should be concerned with is making data breaches part of a company’s crisis communications plan.我們真正應該關注的是決策的數據違反的一個組成部分，公司的危機溝通計劃。 I can tell you from first hand knowledge that data breaches are not and they should be.我可以告訴你，從第一手知識，數據違反不和他們應。

Bookmark to: 書籤：

While playing 18 holes of golf at Van Cortlandt Park in the Bronx over the weekend, I read online that it took Monster.com about five days to disclose a data breach where the personal information of a whole mess of grumpy job seekers, hoping that posting their resumes on Monster would result in a life of happiness and prosperity, got stolen.而扮演了18個洞的高爾夫球場在車cortlandt公園在布朗克斯本週末，我在線閱讀，它採取了monster.com約五天披露的數據，違反所在的個人資料，整個一團糟的老百姓著想的求職者，希望調職自己的簡歷上的怪物，會導致生活的幸福和繁榮，得到被盜。

I can’t answer the question about whether five days was too little or too much, but I can give you an idea about what you need to know before you disclose to customers, the media and in most cases your bank and credit card companies.我不能回答這個問題是否五天太少或太多，但我可以給你一知道哪些是您需要知道您之前透露給客戶，媒體和在大多數情況下，您的銀行和信用卡公司。 You need to know what happened, what and how much was stolen, who was affected, and what you are going to do to make sure it doesn’t happen again.您需要知道到底發生了什麼，什麼有多少被人偷去，誰受到影響，和你怎樣做，以確保它不會再發生。 Maybe not with 100% certainty what happened or who the perpetrator(s) were, but enough to know generally what broke, so that you can assure customers you will fix it.也許不是與100 ％確定性所發生的事情或誰是肇事者（ ） ，但足夠的了解，一般發生什麼，這樣你可以保證客戶你會解決它。

This ultimately comes down to a trust game, and I’d advise anyone to have more information (even if it takes a few days extra), then less.這最終歸結為一個信託的遊戲，我要提醒的人有更多的信息（即使需時數天內額外的） ，則更少。 Saying “we’re screwed, we just don’t know how big the pole is” doesn’t engender confidence in your customer base.他說： “我們正在擰，我們只是不知道有多大，極是”不產生信心，在您的客戶基礎。 If you can’t get that information after a certain amount of time, then you need to disclose anyway - but understand you’re going to be pummeled ala TJX.如果您無法得到的信息後，一定數額的時間，那麼你就需要披露無論如何-但我們了解您將會本週助理法律顧問t jx。

That’s why I harp time and time again about crisis communications.這就是為什麼我豎琴時間和一次又一次的危機有關的通訊。 It’s going to happen to you, it’s just not clear when.這將會是發生在你身上，只是不明確時。

Bookmark to: 書籤：

Credit for this entry goes to Henry Blodget at the 信用為這個項目去唐英年答在 Silicon Alley Insider 矽巷內幕 … …

Five days after Ukrainian hackers busted into a “rogue server” and stole contact info for 1.3 million Monster users, Monster told the users.五天後，烏克蘭黑客破獲成為一個“無賴服務器”並偷走了聯絡方式，為130萬用戶的怪物，怪獸告訴用戶。 But it did so in one of the most inscrutable但這樣做是在其中一個最inscrutable press releases新聞發布 ever written.以往的書面。

Bookmark to: 書籤：

RSA Conference RSA會議 , which I’m speaking at next year, is looking for the most innovative emerging company in the information security industry for its Innovation Station program, held in conjunction with RSA Conference 2007, Feb. 5-9, 2007, at San Francisco’s Moscone Center. ，我在明年，尋找最創新的新興公司，在信息安全產業為它的創新站計劃，在舉行與RSA會議2007年2月5日至9日， 2007年，在舊金山的Moscone中心。

The submission process is now open for pre-IPO companies in the information security technology space interested in participating.提交過程，現在開放供首次公開招股前公司，在信息安全技術的空間，有興趣參加。 Companies must be privately held and in business for fewer than two years, with confirmed 2006 booked revenues under $5 million and a new product or service introduced between March 2006 and February 2007.公司必須私下舉行，並在營業不到兩年，證實2006年訂下收入500萬元及一個新的產品或服務的介紹之間的2006年3月和2007年2月。

Once selected, these companies are provided with a unique opportunity to showcase new products or services to a judging panel comprised of leading venture capital investors, CSOs, press and industry experts, as well as exhibiting in a special Innovation Station pavilion on the expo floor.一旦選定，這些公司都提供了一個獨特的機會，以展示新產品或服務的一個評審團組成的領導風險資本投資者，民間社會組織，新聞界和業內專家，以及參展，在一個特別創新的站亭對世博會發言。

The winner will be named “the most innovative new company” at RSA Conference 2007 and be promoted on the RSA Conference 2007 Web site and in a follow-on press release, and also be provided two individual face-to-face meetings with members of the judging panel after the conference (subject to availability).冠軍將被命名為“最具創意的新公司”在RSA會議上， 2007年晉升上的RSA會議2007年網站和在後續對新聞發布，也可提供兩個單獨的面對面的會議，與成員評審團會議後（視情況而定） 。

To nominate your company as a candidate for the Innovation Station, please visit提名您的公司作為一個候選人，創新站，請訪問 www.rsaconference.com/2007/us/expo/additional/innovation/ . 。

Nominations will close Friday, Dec. 8, at 5 pm PDT.提名將關閉星期五， 12月8日下午5時在太平洋夏令時間。

Bookmark to: 書籤：