A research study by Bitdefender revealed that security breaches were covered up by 30% of companies surveyed – and even more IT professionals were put under pressure to keep quiet about them.
This was the case even when there were legal obligations to reveal data breaches to affected customers and regulators …
Security breaches covered up
The alarming news was revealed by a survey of IT professionals in larger companies, as Venturebeat reports.
New research released by cybersecurity vendor Bitdefender today surveyed over 400 IT and security professionals who work in companies with 1,000 or more employees. Bitdefender found that 42% of IT and security professionals surveyed had been told to keep breaches confidential — i.e., to cover them up — when they should have been reported.
Perhaps even more shockingly, 29.9% of respondents admitted to actually keeping a breach confidential instead of reporting it.
The problem was worst in the US, says the company, where more than two-thirds of those surveyed had been asked not to report breaches.
At 71%, IT/security professionals in the U.S. were the most likely to say they have been told to keep quiet, followed by the U.K. at 44%, Italy at 36.7%, Germany 35.3%, Spain 34.8% and France 26.8%.
9to5Mac’s Take
This is a relatively small-scale survey, involving 400 respondents across six countries: France, Germany, Italy, Spain, United Kingdom, and the United States. That limited sample means that the exact percentages will not be particularly reliable. However, with numbers this high, there is no doubt that covering up data breaches is a significant problem.
It’s not hard to understand why companies would want to keep quiet: Publicity can lead to a loss of consumer confidence, and result in fines and other corrective measures by privacy regulators. But it’s shocking that so many actually do so, even when it means breaking the law.
Customers have a right to know when their data has been exposed. Any company failing to report a security breach should be subjected to far harsher penalties than would have been the case for declaring it.