Comment Testing Methodology vs Cost Effectiveness. (Score 1) 250
For Retailers and Credit card providers both, it appears their ability to understand the validity of robust security testing and practices revolves around cost. Not having to pay any perceived penalty due to a data breach means these corporate types can assign a relatively low risk to data breaches. Low risk usually means low test efforts as well. And this is what we as consumers appear to be satisfied with. I'm more of the opinion that if you have a data breach, it should cost you as a company X dollars per person affected...and start X somewhere above 5 figures. Each person would get that payout. How serious then would corporations take data security?