Prevent data breaches, don’t just report them

Public data breach lists are a symptom of a deeper problem: U.S. cybersecurity laws place a disproportionate emphasis on notifying the public after a breach has occurred. While notice always will play a role in remediating harm, policymakers should shift their focus to preventative measures, such as more robust and clearer data security standards and incentives for investments in cybersecurity. Read More...