Charge Companies for Cyber Security Failures

Uploaded on 2016-06-29 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Companies should be fined if they fail to guard against cyber-attacks, UK MPs have recommended in the wake of last year's TalkTalk hack.

The UK’s Culture, Media and Sport Select Committee inquiry made a number of recommendations, but stopped short of suggesting that criminal proceedings should apply to employees who fail to protect people’s data.

The committee also recommended that CEOs' pay should be linked to effective cyber security; that it should be easier for consumers to get compensation if they are the victim of a hack; and that the Government should conduct a public awareness campaign about online and telephone scams or phishing.  

Companies should also be fined for delays in reporting breaches into their systems. Committee chair Jesse Norman told Sky News: "Our report today I think is a giant wake up call for industry generally because what that showed (the TalkTalk hack) is that even very sophisticated companies in the telecoms area were not invulnerable to attacks." 

In the USA, the Securities and Exchange Commission has required publicly traded companies to inform regulators about cyber-attacks since 2012. 

The Internet service provider TalkTalk, which has around 4 million customers, was hacked in October last year.

The company initially described the attack as "significant", but later said only 157,000 people’s details had been compromised. The financial information, banking sort codes and account numbers, of 15,000 people were stolen. 28,000 people had obscured versions of their debit and credit card details taken. Six arrests have been made, of people all younger than 21. 

The Information Commissioner’s Office (ICO) is conducting its own investigation into the specifics of the TalkTalk attack and data breach.

The select committee complained about the eight-month wait for this report and suggested the ICO was understaffed.

Conservative MP Mr. Norman added: "We don't know the full detail of the attack even now and we've asked TalkTalk to publish as much of the current report that they've done on the attack as possible but it may have been a very simple one." 

Sky:  

« Russian Cyber Gangs Linked To Bank Robberies
False Flags: The Kremlin’s Hidden Hand »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Critical Infrastructures for Information and Cybersecurity (ICIC)

Critical Infrastructures for Information and Cybersecurity (ICIC)

ICIC addresses the demand for cybersecurity for National Public Sector organizations and civil and private sector organizations in Argentina.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Cyber Defense Agency (CDA)

Cyber Defense Agency (CDA)

Cyber Defense Agency is a premier professional services firm specializing in cyber security, computer network defense, and information security.

AFNOR Group

AFNOR Group

AFNOR Group designs and deploys solutions based on voluntary standards around the world and provides services including training, professional and technical information, assessment and certification.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Key Cyber Solutions

Key Cyber Solutions

Key Cyber is an IT consulting firm that specializes in agile software development services, program management and infrastructure services, cyber security and cloud and managed services.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

Viakoo

Viakoo

Viakoo is an Enterprise IoT Applications Management company providing performance, security, and compliance. Viakoo enables you to be proactive in maintaining cyber hygiene and protecting your network

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

Cyvatar

Cyvatar

Cyvatar is a technology-enabled cyber security as a service (CSaaS) provider delivering smarter managed security to help you achieve compliance and security faster and more efficiently.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

Clarity

Clarity

Clarity is an AI cybersecurity startup that protects against deepfakes and new social engineering and phishing attack vectors accelerated by the rapid adoption of Generative AI.