rsa breach disclosure illustrates need for more information

So far, word about the recent RSA hack illustrates just one really important problem with the current “disclosure” system: We (customers or experts or stakeholders) rarely get enough information to properly decide what happened, what the risk is, or how to really value the news. I don’t always necessarily need to know how an attack happened or what *all* was accessed, but I’d like to at least be able to do more than just wonder about the impact. Maybe it’s too soon, but anyone who knows anything about the news knows that the longer this goes on, the less it will ever get widely covered/disclosed as firms wait for the interest to die out…