Breach news equals FUD
@John: Today's news of JP Morgan Chase makes your post extremely well-timed. While I agree that FUD is not a sensible long-term approach to encouraging stepped up security efforts for businesses, I do wonder what it will take for greater investment to be made. For example, according to Bloomberg, "JPMorgan Chase spends about $200 million each year to protect itself from cyber attacks." That seems to me to be an alarmingly low figure for a company of this size that's handling global financial data for millions and millinos of individuals and corporations. Would greater investment in cyber security in general help organizations gain better footing against these attacks? And, if so, how do you advise CISOs and others to make the business case for such investment?