https://community.isc2.org/t5/Industry-News/Jail-time-for-keeping-breaches-secret/m-p/4184#M427 <P><A href="https://www.wired.com/story/a-new-bill-wants-jail-time-for-execs-who-hide-data-breaches/" target="_self"><EM>Wired</EM></A> ran a story this week about the U.S. Senate introducing a bill to require jail time to executives who fail to report a breach within 30 days.&nbsp;</P> <P>&nbsp;</P> <P>Here's the bill itself:&nbsp;<A href="https://www.commerce.senate.gov/public/_cache/files/cbbd6ccf-752f-43a7-aae3-702f3feea3b4/4F4099F55C568BC3E15252D087F6AD43.2017-data-breach-legislation.pdf" target="_blank">https://www.commerce.senate.gov/public/_cache/files/cbbd6ccf-752f-43a7-aae3-702f3feea3b4/4F4099F55C568BC3E15252D087F6AD43.2017-data-breach-legislation.pdf</A></P> <P>&nbsp;</P> <P>Do you think this is a step in the right direction to hold people and organizations accountable?&nbsp;</P> Mon, 09 Oct 2023 08:22:21 GMT Kaity 2023-10-09T08:22:21Z https://community.isc2.org/t5/Industry-News/Jail-time-for-keeping-breaches-secret/m-p/4184#M427 <P><A href="https://www.wired.com/story/a-new-bill-wants-jail-time-for-execs-who-hide-data-breaches/" target="_self"><EM>Wired</EM></A> ran a story this week about the U.S. Senate introducing a bill to require jail time to executives who fail to report a breach within 30 days.&nbsp;</P> <P>&nbsp;</P> <P>Here's the bill itself:&nbsp;<A href="https://www.commerce.senate.gov/public/_cache/files/cbbd6ccf-752f-43a7-aae3-702f3feea3b4/4F4099F55C568BC3E15252D087F6AD43.2017-data-breach-legislation.pdf" target="_blank">https://www.commerce.senate.gov/public/_cache/files/cbbd6ccf-752f-43a7-aae3-702f3feea3b4/4F4099F55C568BC3E15252D087F6AD43.2017-data-breach-legislation.pdf</A></P> <P>&nbsp;</P> <P>Do you think this is a step in the right direction to hold people and organizations accountable?&nbsp;</P> Mon, 09 Oct 2023 08:22:21 GMT https://community.isc2.org/t5/Industry-News/Jail-time-for-keeping-breaches-secret/m-p/4184#M427 Kaity 2023-10-09T08:22:21Z https://community.isc2.org/t5/Industry-News/Jail-time-for-keeping-breaches-secret/m-p/4767#M513 <P>Hi,</P><P>I'm not subject to American Law (UK resident), but I would suggest that it might actually be a good idea.</P><P>"Jail Time" can be quite subjective, bearing in mind there is no hard and fast rule to decide how long an individual would spend incarcerated for such an offence.</P><P>&nbsp;</P><P>However, it would leave a permanent mark on someone's record, so would serve as a deterrent to keeping breaches secret.</P><P>&nbsp;</P><P>In my opinion, it seems a little archaic in approach as people are ultimately coerced into admission of such breaches, or risk punishment. Surely a better option would be to reward those who proactively protect themselves, and incentivise the reporting of a breach by offering an amnesty or even help.</P><P>&nbsp;</P><P>Of course, should someone be breached due to complete ignorance, then throw the book at them, as a lesson needs to be learned, but should you do everything possible to avoid an issues yet get stung, help should be given, wherever possible.</P><P>&nbsp;</P> Fri, 05 Jan 2018 16:26:44 GMT https://community.isc2.org/t5/Industry-News/Jail-time-for-keeping-breaches-secret/m-p/4767#M513 HTCPCP-TEA 2018-01-05T16:26:44Z