There are hundreds of reasons organisations, lobbyists and some politicians will quote for not reporting a cyber-security breach – most will have to do with money. The one reason the rest of us should be in favour of reporting rules is that it is our data that these organisations have released into the wild.
In America President Biden is firmly on the side of reporting:
Biden veto waiting for bill to kill SEC breach report rule • The Register
IN the UK there are laws that govern how organisations have to report data breaches to the the Information Commissioner’s Office (ICO) for the ggod of us all.
But I run a business and reporting a breach will impact my reputation…
I have heard many excuses why business owners think reporting a breach is a bad thing. However reporting does force those organisations that look at their profits before spending on cyber security to think again when it comes to budget time. Again that is good for everyone – including reluctant business owners – as these organisations have benefitted from processing our data they should make evry effort to protect it whilst it is in their possession.
I am in discussion with two organisations at the moment that have realised they need to audit their processes to ensure they are taking all resonable steps to be cyber secure. Is it time you did the same?
Clive Catton MSc (Cyber Security) – by-line and other articles