“If company A is breached by an attack and they don’t disclose enough information to others in the industry then it is likely company B will get attacked using the same methods. This could be avoided if more information sharing was happening. Information sharing works, look at Microsoft they share exploit information with security vendors so end users can be protected and this has been highly successful.”
Experts urge U.S. caution on additional cyber threat disclosures
- Talking Point
- Posted On
In response to the news that cyber experts urged U.S. securities regulators to tread carefully when requiring companies to disclose security breaches and cyber threats, saying giving too much information may leave them vulnerable to hackers or legal action Lamar Bailey, director, R&D, Tripwire says:
“I really hate to see this, and I consider this a step backwards in security. We need companies sharing more information about how a breach occurred so others can learn from them and protect themselves. The era of noisy fast propagating worms is long over, now a successful attack stays under the radar and if it is successful at one location it will be used again at others.