The conviction of former Uber security head Joe Sullivan for his attempt to hide details of a 2016 hack from both the public and the Federal Trade Commission could force companies to be more transparent when it comes to reporting cybersecurity breaches, reports Jack Gillum for Bloomberg News. However, experts say Sullivan’s case may be an exception to the rule as, while he was charged with obstruction of justice and concealing a felony amid a probe by the Federal Trade Commission, the Justice Department still failed to charge Sullivan with violating disclosure regulations.
While many states now require companies to report breaches, and the U.S. Securities and Exchange Commission has proposed new cyber-reporting laws, FBI officials last year estimated that the bureau has visibility into only a quarter of cyber incidents, resulting in a government-wide lack of information about the nature of many data breaches, the tactics of cybercriminals and the U.S. industries that are most vulnerable.
Gloss