Another Day Another Disaster

Now it is Uber that has released critical information to the world.  They join a long list of major data breaches that are “hugely concerning” and “very bad” and “<Insert Nonsense PR Words Here>”.

The reality is that almost NONE of these companies feel any pain.  Any minor financial cost is already calculated into their cost structure, nobody loses their jobs and have you really stopped shopping at Target?

Regulations Are Essential

There is one exception to this rule is the Equifax breach which has resulted in major leadership shake-ups.

So why the difference?

Unlike every other breach, the government got involved and threatened major repercussions – something that cannot be readily fit into an annual budget.

The EU has recently released the GDPR which finally starts moving towards true data protection.  Companies will be fined for not having the proper protection in place, real penalties will be enforced for data breaches.

These companies will feel PAIN.

Already companies are freaking out (finally) and desperately attempting to find actual solutions to their problems – instead of the litany of PR-driven gloss they use currently to cover up their issues for as little money as possible.

And yet nobody else is doing ANYTHING.  The rest of the world needs to get onboard, the U.S. can force this issue as we are the largest economy in the world.  We can use our financial power to force these regulations on any company in the U.S. or doing business with the U.S.  It is only through government regulations that cybersecurity will actually move forward and it is only by being forced that companies will actually care about their customers’ online world.

Much as I hate to say it as I do not generally like regulations, we need these rules NOW!