Failing to report sensitive data breaches to US regulatory and law enforcement agencies just got more dangerous and confusing for CISOs and their organizations. If that failure is seen as a coverup, such as paying ransoms for retrieving sensitive data, it could lead to steep fines or jail time.

In a case that is playing out now, Joe Sullivan, former Uber CISO, was recently charged under an ambiguous, arcane law that goes back to 1789 called misprision of a felony. In the charging documents, the FBI claims Sullivan’s actions of paying off the attackers to retrieve the data are akin to aiding and abetting a crime. If this case wins, it will grind businesses to a halt as they feel compelled to report anything that might appear to be a data-related crime against their organizations.

To read this article in full, please click here

You May Also Like

Red Cross becomes victim of a cyberattack in which hackers seized the data of more than 515,000 people

A few days ago the servers that host the information of the…

Security firm COO indicted for aiding hospital’s attackers: What CSOs should know

No one expects trust to be broken when they engage trusted individuals…

CashApp is hacked by an employee. Stolen sensitive data

CashApp, a popular financial services and stock trading platform, has confirmed a…