I’m delighted that Adam Shostack has posted a critique of a study that is often cited as support for the claim that data breaches cause brand harm: Ponemon’s US Cost of Data Breach Study.
As background, some of us have been discussing on Twitter, blogging, and otherwise debating whether data breaches do, in fact, cause reputation harm or brand harm, as many people have claimed.
Read Adam’s post and an additional commentary by Russell.
I’ll have more to say once I’ve had a chance to really read through their commentaries, but I think this is exactly the kind of dialogue we need to have about data and methodology.