They definitely do a risk assessment on the possible costs of announcing a breach vs the costs of hiding one. I’ve seen a talk where it was pointed out that one of America’s biggest vulnerabilities in its tech sector and general cyber infrastructure is the fact that companies are not legally obliged to announce a leak when it happens.
They definitely do a risk assessment on the possible costs of announcing a breach vs the costs of hiding one. I’ve seen a talk where it was pointed out that one of America’s biggest vulnerabilities in its tech sector and general cyber infrastructure is the fact that companies are not legally obliged to announce a leak when it happens.