EU Proposes New Hacking Reporting Rules
By: Ainsley Brown
Data security breaches, or in the popular parlance, hacking, have dominated major headlines worldwide. To say hacking is a serious issue, one that affects the online reputation and credibility of a company, is an understatement – just ask Sony.
Considering the economic value of e-commerce/e-economy and the dangers posed by hacking, it was only a matter of time before there was some sort of legislative response. The lawmaker in question here is the European Union (EU). Under legislation that is being drawn up for the autumn, EU companies will be obligated to inform consumers immediately whenever their computer systems have been hacked.
The proposed legislation is clearly linked to the massive data security breach at Sony. Or, better put, to Sony’s very slow response in announcing that the personal data of its over 70 million PlayStation users was placed in danger as a result of hacking.
Under the new regime, gone would be the days of industry best practice recommendations or voluntary schemes. In their place would be a comprehensive system that would see companies conducting serious risk assessments in order to identify weak points in their data security systems and practices. Such assessments will become critical if and when a hacking incident does occur and customers need to be informed.