Should Software Companies Be Legally Liable For Security Breaches?
Jon Evans | August 6, 2015
It’s a truism that all software has bugs and security holes. It’s another that license agreements invariably make software vendors immune to liability for damage or losses caused by such flaws. But, to my surprise, Black Hat’s founder and keynote speaker are arguing that software product liability, presumably mandated by governments, is inevitable. If they’re right, a seismic change is on the horizon. |
| Source: https://hbr.org/2013/06/the-escalating-cost-of-softwar |
<more at http://techcrunch.com/2015/08/06/should-software-companies-be-legally-liable-for-security-breaches/; related links: https://www.advisen.com/downloads/Emerging_Cyber_Tech.pdf (The Liability of Technology Companies for Data Breaches. 2010. [Excerpt: Suits against technology companies sparked by breaches of customer data are relatively uncommon today, but they are likely to mushroom in the coming years. Settlements potentially can run into the millions of dollars. Even if a firm ultimately prevails in a lawsuit, defense costs still can run into the hundreds of thousands of dollars. Every organization that keeps records about its clients or handles credit card transactions should be concerned about data security. Breaches occur with alarming frequency, and even a moderate breach can cost a company millions of dollars in response costs, system repairs, lawsuits, and fines and penalties. Like every other company, information technology companies should be certain their data is secure. Additionally, they must be vigilant when dealing with sensitive customer data and when building or integrating systems that are to be used with sensitive data. A study by the Ponemon Institute, a data protection research firm, found that 85 percent of U.S. organizations may have experienced at least one data breach in 2009. These breaches cost American businesses billions of dollars. Forty-two percent of the cases involved errors by third parties such as professional services, outsourcers, vendors and business partners. Data breaches were more expensive when third parties were involved, according to the study.]) and http://searchsecurity.techtarget.com/Security-liability-Whos-to-blame-for-a-data-security-breach (Security liability: Who's to blame for a data security breach?)>
No comments:
Post a Comment