Plenty of companies actively fail to report breach numbers, but how much does such transparency matter in keeping data safe?
The latest Symantec Internet Security Threat Report has been published, and as usual contains some interesting statistics. Not least that the number of organisations opting not to report the numbers of records lost in a breach was up by 85 percent year on year. Kevin Haley, director of Symantec Security Response, insists that “the increasing number of companies choosing to hold back critical details after a breach is a disturbing trend. By hiding the full impact of an attack, it becomes more difficult to assess the risk and improve your security posture to prevent future attacks.” Does the IT security industry, however, actually agree with this take on transparency as it relates to meaningful security posture?