Well, let’s go right to Venture Beat. Quote.
New research released by cybersecurity vendor Bitdefender today surveyed over 400 IT and security professionals who work in companies with 1,000 or more employees. Bitdefender found that 42% of IT and security professionals surveyed had been told to keep breaches confidential — i.e., to cover them up — when they should have been reported.
Perhaps even more shockingly, 29.9% of respondents admitted to actually keeping a breach confidential instead of reporting it.
This research highlights that an alarming number of organizations are willing to ignore their obligations to report data breaches to regulators and customers in an attempt to avoid legal and financial penalties.
So why are so many tech leaders pressuring their staff to bury data breaches? The answer is that the cyberthreat landscape is becoming more and more demanding, with 52% of organizations experiencing a data breach within the past 12 months.
This as cyber also becomes more of a priority for companies at the board levels. According to a Wall Street Journal survey released last month, more than three-fourths of board directors say their board has at least one cyber expert.
Why do we care?
Have you considered and prepared for your response if a customer asked you to cover up an incident? What about if you found an employee that has?
This isn’t purely an intellectual exercise – 42% being asked to cover up a breach is shockingly high, with almost a third doing it. In any sizeable customer base, you’ll be asked.
And having your answers ahead of time is the only sure way to handle this.