top | item 24527071

(no title)

You need to tweet your view of security requirements if you want to provide IT functions to users. Yes they are a nice to have, yes the cost of a data breach either to you or the user are highly damaging.

There’s nothing stopping most industries doing something stupid in the current state of things but I’m sure there will be in the future, you should be legally liable for your consumer data, irrespective of if you’re ‘nontechnical people running old versions of off the shelf software’ or not, mistakes happen, but failing the most obvious stuff in infosec is, IMO, criminally negligent. Waf or not.

discuss

No comments yet.