Charge Companies for Cyber Security Failures

Uploaded on 2016-06-29 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Companies should be fined if they fail to guard against cyber-attacks, UK MPs have recommended in the wake of last year's TalkTalk hack.

The UK’s Culture, Media and Sport Select Committee inquiry made a number of recommendations, but stopped short of suggesting that criminal proceedings should apply to employees who fail to protect people’s data.

The committee also recommended that CEOs' pay should be linked to effective cyber security; that it should be easier for consumers to get compensation if they are the victim of a hack; and that the Government should conduct a public awareness campaign about online and telephone scams or phishing.  

Companies should also be fined for delays in reporting breaches into their systems. Committee chair Jesse Norman told Sky News: "Our report today I think is a giant wake up call for industry generally because what that showed (the TalkTalk hack) is that even very sophisticated companies in the telecoms area were not invulnerable to attacks." 

In the USA, the Securities and Exchange Commission has required publicly traded companies to inform regulators about cyber-attacks since 2012. 

The Internet service provider TalkTalk, which has around 4 million customers, was hacked in October last year.

The company initially described the attack as "significant", but later said only 157,000 people’s details had been compromised. The financial information, banking sort codes and account numbers, of 15,000 people were stolen. 28,000 people had obscured versions of their debit and credit card details taken. Six arrests have been made, of people all younger than 21. 

The Information Commissioner’s Office (ICO) is conducting its own investigation into the specifics of the TalkTalk attack and data breach.

The select committee complained about the eight-month wait for this report and suggested the ICO was understaffed.

Conservative MP Mr. Norman added: "We don't know the full detail of the attack even now and we've asked TalkTalk to publish as much of the current report that they've done on the attack as possible but it may have been a very simple one." 

Sky:  

« Russian Cyber Gangs Linked To Bank Robberies
False Flags: The Kremlin’s Hidden Hand »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Portnox

Portnox

In 2007, Portnox set out to create one of the world’s easiest to use, most loved, value-driven network security solutions — and our customers will tell you we’ve succeeded.

Business Intelligence Associates (BIA)

Business Intelligence Associates (BIA)

BIA's TotalDiscovery is a defensible and cost-effective corporate preservation and legal compliance software solution.

Cato Networks

Cato Networks

Cato connects your branch locations, physical and cloud datacenters, and mobile users into a secure and optimized global network in the cloud.

Infosec Partners

Infosec Partners

Whether you’re looking for complete managed security or an on-call expert advisor, we offer a range of managed security services to complement your internal team or primary outsource partner.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Cyber Ranges

Cyber Ranges

Cyber Ranges is the next-generation cyber range for the development of cyber capabilities and the validation of cyber security skills and organizational cyber resilience.

Keepit

Keepit

Keepit offer all-inclusive, secure, and reliable backup and recovery services for your data.

Mercury Systems

Mercury Systems

Mercury Systems is the leader in making trusted, secure mission-critical technologies profoundly more accessible to aerospace and defense.

M6iT Consulting

M6iT Consulting

M6iT Consulting is an industry-leading solution partner managing the IT requirements for a full range of companies.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.

Qryptonic

Qryptonic

Qryptonic pioneers next-generation cybersecurity by leveraging the unparalleled capabilities of quantum computing to defend against evolving threats.