Last week, the European Commission proposed new legislation to require major tech firms like Google and Facebook to report any security breaches to local cyber crime authorities or risk sanctions like fines.
The bill, which is currently being finalised, will force EU member states to establish local cybersecurity agencies to which tech companies, such as social networks, e-commerce firms and online platforms which have access to users' data, as well as infrastructure and energy groups, will have to report any server issues and security breaches to.
Ross Brewer, vice president and managing director for international markets, LogRhythm, has made the following comments: “Legislation enforcing the disclosure of any IT security breaches is now long overdue. Our recent research shows that 80 percent of the UK public implicitly do not trust organisations to keep their data safe – so this new law will hopefully serve to rebuild public confidence in cyber security.
“Once this law is enforced, any organisations holding user data will need much deeper insight into the activity taking place across their networks, as they will be required to provide accurate details of any security breaches. It will therefore be necessary for organisations to improve the use of the data generated by their IT systems, in order for any abnormal activity to be more quickly and effectively identified. Unfortunately, all too often this information is managed in an inefficient and disparate manner, which can lead to inaccurate breach details being reported. This ‘over-disclosure’ has already become an issue in the US, where breach notification laws are in place – with organisations being unable to accurately identify exactly what the security breach entailed due to a lack of visibility within their IT systems, many are overstating the severity of the incident.
“With cyber attacks becoming increasingly sophisticated and frequent – and with IT data volumes growing at unprecedented rates – data breaches have become inevitable. It is therefore in every organisation’s best interest to baseline normal, day-to-day activity across all dimensions of IT infrastructures, in order to recognise true weaknesses and identify anomalies in real time. This will also allow for a deep forensic analysis of growing amounts of data. In doing so, organisations can proactively secure both data and infrastructure, while avoiding disclosing inaccurate information and unintentionally escalating the magnitude of a breach. As such, only a cyber security strategy focusing on the continuous monitoring of IT networks will provide the network visibility and intelligent insight to future-proof against increasingly stringent legislations on IT security.”