Charge Companies for Cyber Security Failures

Uploaded on 2016-06-29 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Companies should be fined if they fail to guard against cyber-attacks, UK MPs have recommended in the wake of last year's TalkTalk hack.

The UK’s Culture, Media and Sport Select Committee inquiry made a number of recommendations, but stopped short of suggesting that criminal proceedings should apply to employees who fail to protect people’s data.

The committee also recommended that CEOs' pay should be linked to effective cyber security; that it should be easier for consumers to get compensation if they are the victim of a hack; and that the Government should conduct a public awareness campaign about online and telephone scams or phishing.  

Companies should also be fined for delays in reporting breaches into their systems. Committee chair Jesse Norman told Sky News: "Our report today I think is a giant wake up call for industry generally because what that showed (the TalkTalk hack) is that even very sophisticated companies in the telecoms area were not invulnerable to attacks." 

In the USA, the Securities and Exchange Commission has required publicly traded companies to inform regulators about cyber-attacks since 2012. 

The Internet service provider TalkTalk, which has around 4 million customers, was hacked in October last year.

The company initially described the attack as "significant", but later said only 157,000 people’s details had been compromised. The financial information, banking sort codes and account numbers, of 15,000 people were stolen. 28,000 people had obscured versions of their debit and credit card details taken. Six arrests have been made, of people all younger than 21. 

The Information Commissioner’s Office (ICO) is conducting its own investigation into the specifics of the TalkTalk attack and data breach.

The select committee complained about the eight-month wait for this report and suggested the ICO was understaffed.

Conservative MP Mr. Norman added: "We don't know the full detail of the attack even now and we've asked TalkTalk to publish as much of the current report that they've done on the attack as possible but it may have been a very simple one." 

Sky:  

« Russian Cyber Gangs Linked To Bank Robberies
False Flags: The Kremlin’s Hidden Hand »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

DLA Piper

DLA Piper

DLA Piper is a global law firm with offices throughout the Americas, Asia Pacific, Europe and the Middle East. Practice areas include Cybersecurity.

IoT Now

IoT Now

IoT Now explores the evolving opportunities and challenges facing CSPs, and we pass on some lessons learned from those who have taken the first steps in next gen IoT services.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

MER Group

MER Group

MER Group is a world-leading integrator in the areas of communications and security. MER cyber solutions cover the entire range of cyber and intelligence related products and services.

Cyscale

Cyscale

Cyscale automates the contextual analysis of cloud misconfigurations, vulnerabilities, access, and data, to provide an accurate and actionable assessment of risk.

Ashley Page

Ashley Page

Ashley Page offer a unique cyber insurance and risk management solution - Cyber+Insure.

Applied Magnetics Laboratory (AML)

Applied Magnetics Laboratory (AML)

Applied Magnetics Laboratory is a manufacturer of military security and data destruction equipment for sensitive, classified, and secret information.

Ten Eleven Ventures

Ten Eleven Ventures

Ten Eleven is a specialized venture capital firm exclusively dedicated to helping cybersecurity companies thrive.

Insight Partners

Insight Partners

Insight Partners is a leading global private equity and venture capital firm investing in growth-stage technology, software and Internet businesses.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

Blackrock Cyber

Blackrock Cyber

Blackrock Cyber consults on critical security decisions, oversees compliance for your payment initiatives, and details cyber security training for your entire organization and board reporting.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

Levio

Levio

Levio is a digital native business and technology consulting firm. As a true partner from start to finish, our goal is a long-lasting transformation that’s right for your business model.