The week before Labor Day is always a slow news cycle but things must have really been crawling at a snail’s pace for InformationWeek to run this story…

The gist of the story is eighty-seven percent of consumers said they lost respect for businesses after those companies lost customers’ personal information, according to InfoSurv’s survey of 400 consumers. Tablus, a company that provides systems for protecting software, backed the survey and announced the results Tuesday. According to Tablus, respondents’ comments indicated that a loss of personal information equals a loss of business because consumers believe businesses should place a high priority on maintaining trust and the confidentiality of their information. In fact, 96% of respondents said that protecting customers from data breaches should be a company’s highest priority. Ninety-five percent of respondents said there is no excuse for exposing customers’ confidential information, and 93% said that businesses are obligated to protect sensitive content. Ninety-four percent of respondents said if there’s a technology to prevent the loss of confidential and personal information, all businesses should use it.

Why isn’t this news? First, because it’s old news. A simple Google search would have shown this. Also companies such as Forrester Research, Gartner and Protegrity (full disclosure, Protegrity is a BlinnPR client) have been talking about this subject for months now. In fact, Forrester and Protegrity have actually calculated in real dollar amounts what a data breach could cost a company. And lastly, anybody who closely follows security and data breaches knows that at RSA 2006 and 2007 this topic was presented as part of a panel discussion. How do I know? Yes, I was at RSA but I was also a panelist both years.

This isn’t about bashing InformationWeek or being the ultimate arbiter of what they should or should not report on. I’ll leave that up to people who are legends in their own mind.

No, my point is this. We already know data breaches are harmful to a company’s brand. What we really should be concerned with is making data breaches part of a company’s crisis communications plan. I can tell you from first hand knowledge that data breaches are not and they should be.

Bookmark to:
         

RSA Conference, which I’m speaking at next year, is looking for the most innovative emerging company in the information security industry for its Innovation Station program, held in conjunction with RSA Conference 2007, Feb. 5-9, 2007, at San Francisco’s Moscone Center.

The submission process is now open for pre-IPO companies in the information security technology space interested in participating. Companies must be privately held and in business for fewer than two years, with confirmed 2006 booked revenues under $5 million and a new product or service introduced between March 2006 and February 2007.

Once selected, these companies are provided with a unique opportunity to showcase new products or services to a judging panel comprised of leading venture capital investors, CSOs, press and industry experts, as well as exhibiting in a special Innovation Station pavilion on the expo floor.

The winner will be named “the most innovative new company” at RSA Conference 2007 and be promoted on the RSA Conference 2007 Web site and in a follow-on press release, and also be provided two individual face-to-face meetings with members of the judging panel after the conference (subject to availability).

To nominate your company as a candidate for the Innovation Station, please visit www.rsaconference.com/2007/us/expo/additional/innovation/.

Nominations will close Friday, Dec. 8, at 5 p.m. PDT.

Bookmark to: