Should all security incidents be reported to law enforcement? With Anthem and others disclosing their breaches recently, do you think that they did so in a timely fashion?
What are the pros and cons of law enforcement involvement?
What does the current law say about companies having to release information / statements on a security breach?
How does policy impact the discussion to disclose a breach?
Should there be stiff compensation back to customers for the risk they are now enduring?