Proposed Law Blocks Firms From Hiding Hacks

Dennis Faas's picture

An estimated 40,000 businesses and organizations could find themselves legally bound to report any cyber security breaches they've suffered. The idea is to share information about cyber threats and increase the chances of catching hackers.

The rules have been proposed by the European Union and would affect organizations across that continent. Companies from the United States and other countries that operate in Europe might also be covered by the rules. (Source: europa.eu)

The firms involved include banks, power companies, and medical facilities. The European Union has determined that a security breach affecting these types of businesses and organizations could have a serious impact on the general public.

Reports indicate that companies running search engines and cloud computing services would also be included in the plan.

At the moment, the only companies that are forced to report security breaches are those handling telecommunications data.

Governments to Collaborate, Fight Hacking

If adopted, the rules would mean each European Union member country would need to set up an authority responsible for collecting reports of cyber attacks. The authorities from all 27 countries would share details of these attacks.

Officials believe such an approach is needed because hackers pay little heed to international boundaries. Sharing relevant details could make it easier to track the people responsible for attacks and develop defenses against ever-advancing hacking techniques.

Hacking Details Could Embarrass Companies

Not all businesses will be happy with the proposed rules. Some firms worry that publicizing security breaches could result in the loss of customers.

The proposed rules would leave it to national authorities to decide on publicizing details associated with a security breach. The authorities would also have the right to fine companies if they decide the breach resulted from neglect.

It could be some time before the proposals are passed into law. They'll need to be approved by both the elected European Parliament and the Council of Ministers, the latter being made up of senior politicians from each country. (Source: platts.com)

Rate this article: 
No votes yet