Security managers in court?!

Jun 22nd, 2004

Comments: 3
Category: General Security

Security managers in court?!

Now I’ll start this post with the obligatory IANAL, but there’s a story over at Security pipeline, which seems to be saying that Security Managers Could Face Court Penalties for poor security or for making lists of top measures that companies should follow and then not implementing them all…
I’ve got to say that the examples sound a bit over dramatised to me, but it’s an interesting theory from the point of view of convincing management of the importance of being seen to be proactive in the field of InfoSec…

DISCUSSION 3 Comments

  1. Stefan Keller June 22, 2004 at 10:56 pm

    Maybe it depends on how the role of the security manager is perceived in the organisation.
    – If it is the one of decision support/preparation for the CIO and the minding the wheels of security-related things through security management (I like ITIL there!), I’d assume that if someone ends up in court it ought to be the higher ranks..
    Stefan

  2. Stefan Keller June 22, 2004 at 10:57 pm

    Maybe it depends on how the role of the security manager is perceived in the organisation.
    – If it is the one of decision support/preparation for the CIO and the minding the wheels of security-related things through security management (I like ITIL there!), I’d assume that if someone ends up in court it ought to be the higher ranks..
    Stefan

  3. Rory.Blog June 23, 2004 at 9:39 pm

    Yep, I’d agree that unless the security officer has authority/responsibility for all security matters then I’d expect to see a higher up person take the fall in court.
    What I’ll be suprised to see is corporate officers turning up in court at all for poor Information security. I mean if you look at all the hacks that have occured, yet I’ve never seen a company sued for the breaches yet…..

Add a comment

Your email address will not be shared or published. Required fields are marked *