In Legal First, Data-Breach Suit Targets Auditor

Thanks to Tim Shipman for calling this article to our attention.  This case is asking the question about how much responsibility an IT security auditing firm shoud have for a data-breach when they have signed off on a clean bill of health.

“The case, which appears to be among the first of its kind against a security auditing firm, highlights flaws in the standards that were established by the financial industry to protect consumer bank data. It also exposes the ineffectiveness of an auditing system that was supposed to guarantee that card processors and other businesses complied with the standards.”  Read the article…

Sorry, comments are closed for this post.