Maeve@kbin.earth
on 08 Apr 2025 01:45
nextcollapse
Again
N0body@lemmy.dbzer0.com
on 08 Apr 2025 02:31
collapse
I don’t understand how the timing of these announcements work. Do they wait for all their richest clients to pay the ransom money first? Explore every avenue of deniability until they’re exhausted?
They definitely do a risk assessment on the possible costs of announcing a breach vs the costs of hiding one. I’ve seen a talk where it was pointed out that one of America’s biggest vulnerabilities in its tech sector and general cyber infrastructure is the fact that companies are not legally obliged to announce a leak when it happens.
threaded - newest
Again
I don’t understand how the timing of these announcements work. Do they wait for all their richest clients to pay the ransom money first? Explore every avenue of deniability until they’re exhausted?
They definitely do a risk assessment on the possible costs of announcing a breach vs the costs of hiding one. I’ve seen a talk where it was pointed out that one of America’s biggest vulnerabilities in its tech sector and general cyber infrastructure is the fact that companies are not legally obliged to announce a leak when it happens.