Fixing Data Breaches Part 5: Penalties
In the first 4 parts of "Fixing Data Breaches", I highlighted education, data ownership and minimisation, the ease of disclosure and bug bounties as ways of addressing the problem. It was inevitable that we'd eventually end up talking about penalties though because the fact remains that although all the aforementioned recommendations make perfect sense, we're still faced with data breaches day in and day out from companies just not getting the message. This part of the series is also the hardest to implement. It requires regulatory changes, can be highly subjective and poses all sorts of cross-border challenges. But it's important, so let me do my best articulating it. Are Organisations Actually Paying Attention? Here's what really strikes...