making sure it's not just an assessment of value to your organization but seeing the effect, ecosystemwide. making sure those asymmetric values get considered at the risk level at the corporate level to be dealt with. >> anyone else on the panel want to comment on reasonable and what that means, the context of what you do? >> were in accordance with those standards. >> is that a good starting point? >> i believe so. >> did you have something? >> yes. the word reasonable was what caught my attention. section two of the bill. reasonable measures and procedures by information security. even though it is only been five weeks since her major data breach, the estimated cost have reasonable defenses, and protection of sensitive information. it can range from a few million dollars to as high as $50 million. these figures from other studies get saved. approximately $100 for every identity stolen. we have 310,000 stolen. the cost is 310,000 times $100. the question i think mr. maldon raised, an excellent question, whose shares in the responsibility for protection? it will bankrupt most universities

making sure it's not just an value to your organization but seeing the effect, ecosystemwide. those asymmetric values get considered at the at the corporate level to be dealt with. >> anyone else on the panel want comment on reasonable and what that means, the context of what you do? there is a whole custom and practice of the trade that you want to look at based on the risks you identified. >> is that a good starting point? >> i believe so. >> did you have something? >> yes. the word reasonable was what caught my attention. section two of the bill. reasonable measures and procedures by information security. even though it is only been five weeks since her major data the estimated cost have reasonable defenses, and protection of sensitive information. from a few million dollars to as high as $50 million. these figures from other studies get saved. approximately $100 for every identity stolen. we have 310,000 stolen. is 310,000 times $100. the question i think mr. maldon raised, an excellent question, whose shares in the responsibility for protection? it will bankrupt most univ

making sure it's not just an value to your organization but seeing the effect, ecosystemwide. those asymmetric values get considered at the at the corporate level to be dealt with. >> anyone else on the panel want comment on reasonable and what that means, the context of what you do? there is a whole custom and practice of the trade that you want to look at based on the risks you identified. >> is that a good starting point? >> i believe so. >> did you have something? >> yes. the word reasonable was what caught my attention. section two of the bill. reasonable measures and procedures by information security. even though it is only been five weeks