It used to be that the rules of the game made suing a vendor for a security breach a losing proposition. It was easier to settle a dispute for less, or to take an insurance payout and move on. No more. Because of changes in the insurance business and some recent court decisions, it looks like this is going to be the year to watch for computer security lawsuits. The tipping point came in October 2001. That was when, looking at huge payouts post-9/11 and no end to the super-viruses (such as I Love You and Nimda), the Hartford Insurance Co. removed computer damages from its commercial general liability plans. Other insurers followed suit. In 2002, as computer damages from major viruses intensified, agencies such as the National Institute of Standards and Technology were establishing rules and standards for software security — and security breach victims started to view the problem as one of negligence instead of liability. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.