Mary Landesman wrote a clever commentary on how to respond to breaches. Landesman uses Goofus and Gallant from the children’s Highlights magazine to contrast different types of responses with examples drawn from two healthcare sector breaches involving the University of North Carolina.
If we teach our children to emulate Gallant and not Goofus, can those who advise entities on breach responses (in-house and consultants) also get entities to act more like Gallant?
It would sure cut down on a lot of the criticisms I’ve had about entities failing to step up to the plate to take responsibility.