The Department of Justice (DOJ) is preparing to apply the 19th century "Lincoln Law," officially called the False Claims Act, to require that companies disclose "cybersecurity incidents and breaches." The idea is that businesses serving as government contractors must disclose everything about any incidents—to the government and, potentially, to the public at large.
Will it work? Who knows? The DOJ has to actually enforce it, and that may be too big of an ask. There is a whistleblower component, which could be the kind of whipping stick needed to actually get companies to comply. But a lot of companies will probably take their chances and ignore it, and probably get away with it, until they're exposed after the fact.
View Full Article (May Require Paid Registration)
No entries found