Friday, December 30, 2022

Ask your lawyer if being lazy is right for you

from here and here

Well, this is an interesting development. Albanian IT staff get charged with negligence after a (supposedly) preventable cyberattack that they failed to prevent. Now, if it was really management's fault that things weren't kept up to date then I hope that comes out at trial and that the people who were really responsible are held accountable. This kind of legal action, combined with the uncertain future of cyber-insurance might just force businesses and organizations to finally start ponying up the funds to do security right. Or the decision-makers will find some other way to avoid accountability for not paying what should be the cost of doing business.