Breaches are one of those things that no one cares about until they happen. Assessing and mitigating risks is costly and no one wants to spend money on that.
And let’s be real, the penalties for data breaches, especially ones that transpired due to willful negligence, are an insufficient motivator. It happens so often that the public just kind of forgets about it the next day.
Remember the Equifax breach in 2017? The one where the personal data of 147 million people was exposed? Well Equifax got a slap on the wrist when they should have been fined into oblivion. That’s the only way businesses will start taking cyber security seriously. The US desperately needs GDPR-like legislation because at this point our collective lack of data privacy and security is a joke.
Breaches are one of those things that no one cares about until they happen.
You have people like me on the inside repeating “Spend money now or lose money and reputation later.” The only time I had a client REALLY listen was when the government made them, and then they wanted to figure out the cheapest way to do the bare minimum.
But capitalism is great and keeps us safe and free y’all!
I’d be happy with a federal level recognition to a right to privacy beyond the 4th amendment. That alone might be enough to drastically increase the ramifications for breaches made possible through negligence and could include jail time.
Breaches are one of those things that no one cares about until they happen. Assessing and mitigating risks is costly and no one wants to spend money on that.
And let’s be real, the penalties for data breaches, especially ones that transpired due to willful negligence, are an insufficient motivator. It happens so often that the public just kind of forgets about it the next day.
Remember the Equifax breach in 2017? The one where the personal data of 147 million people was exposed? Well Equifax got a slap on the wrist when they should have been fined into oblivion. That’s the only way businesses will start taking cyber security seriously. The US desperately needs GDPR-like legislation because at this point our collective lack of data privacy and security is a joke.
You have people like me on the inside repeating “Spend money now or lose money and reputation later.” The only time I had a client REALLY listen was when the government made them, and then they wanted to figure out the cheapest way to do the bare minimum.
But capitalism is great and keeps us safe and free y’all!
I’d be happy with a federal level recognition to a right to privacy beyond the 4th amendment. That alone might be enough to drastically increase the ramifications for breaches made possible through negligence and could include jail time.