We have been following the same cybersecurity approach, more or less, for over a decade. Yet, most everyone agrees that the problem continues to grow worse. Perhaps we are not on the right course. Maybe we are operating on false assumptions. The following list (to be continued in next month’s column) is meant to promote a dialogue about what, in my view, are widely held cybersecurity myths.

According to frequent headlines in the press, cybersecurity is an issue that has seized the attention of corporate boards and the executives who report to them. The reality is probably more nuanced. Although the largest companies in some sectors are engaged in extensive risk management efforts, the broader business community in the middle market remains at best uneven in its response, says Matthew F. Prewitt, partner with law firm Schiff Hardin in Chicago, chair of Schiff Hardin’s data security and privacy team and co-chair of the trade secrets and employee mobility team.

The U.S. House of Representatives Intelligence Committee introduced legslation intended to enhance information sharing between private companies and intelligence agencies about cybersecurity threats.

A driver from the ride-hailing service is suing the company for not doing enough to prevent the 2014 data breach and then not informing impacted employees sooner.

Four out of five global retailers and other merchants failed interim tests to determine whether they are in compliance with payment card data security standards.

Consider the irony of withholding threat and vulnerability information in the name of national security that, if properly disseminated, would do more to help our national security.

 Microsoft has sued a group of hackers who have allegedly stolen millions of dollars from computer users and financial institutions using malware disguised as its Windows software.

A public hospital in Washington state is suing Bank of America to recoup some of the losses from a $1.03 million cyberheist.