Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Trustwave plans to fight "baseless allegations" over Target breach

Steve Ragan | April 3, 2014
In a statement issued on Saturday, Trustwave's CEO, Robert J. McCullen, says that the recent lawsuit against his company are without merit and baseless.

In interviews with CSO, Jacob Olcott, who manages the cybersecurity practice at Good Harbor Security Risk Management, and Lisa Sotto, chair of the global privacy and cybersecurity practice at Hunton & Williams, commented on the case.

"It's a significant development because auditors and security technology companies have never previously faced liability for failing to detect or mitigate breaches. It certainly raises the bar for auditors, who may modify their auditing practices to enhance the scrutiny of the companies they audit," said Olcott.

Some assessors are more "check the box" and less rigorous, while others are extremely thoroughly, Sutto said. Less diligent QSAs will sometimes cut corners in order to keep prices competitive. "The QSAs would be wise to pay attention to this and to ensure that there's appropriate rigor in their assessments," Sotto added.

"The cost pressure results in probably less time than may be needed to do an appropriate assessment."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.