The cybersecurity crisis might be getting worse, as a new study found that nearly a third of IT professionals have covered up data breaches at the behest of their supervisors.
As is often the case in the business world, a bit of transparency goes a long way in maintaining integrity and trust for your company. Whether it be compensation or benefits, keeping your employees and customers in the loop can do a lot to breed success.
When it comes to cybersecurity, though, some businesses are apparently opting for the opposite tactic, having their teams cover up the breaches rather than report them.
30% of IT Professionals Have Covered Up Data Breaches
A new study from BitDefender, a cybersecurity provider offering tools for businesses and individuals, found that 29.9% of IT professionals have covered up data breaches at their company.
Even worse, the study also found that 42% had been asked by their supervisors to cover up data breaches, which means at least a small percentage of IT professionals are pushing back on these questionable security practices.
The research from BitDefender, reported by Venture Beat, surveyed 400 IT professionals from businesses that have more than 1,000 employees.
Why Wouldn't an IT Professional Report a Data Breaches?
Given the scope of the research, it's fair to wonder why in the world IT professionals and their supervisors would ever cover up a data breach. After all, it's not like they actively want to put your data at risk, so what's the deal?
The reality is that there are lots of regulations in place to encourage companies to properly and effectively secure the data of individuals. Subsequently, when they don't do that properly or effectively, data breaches can come with some hefty penalties that are the likely cause for these kinds of cover-ups.
In fact, depending on where the company is headquartered, penalties can range from $500 to $50,000 per customer. This means that for larger companies, like the ones surveyed in this study, costs can get very high very fast. As a result, these IT professionals and their supervisors are likely trying to avoid these kinds of penalties by covering it up.
Transparency and Cybersecurity
While a cover-up may seem like a good short-term solution, the long-term damage to your brand is almost assuredly right behind it. In so many words, transparency is good for everyone: the company, the customers, and the ecosystem of technology.
“Security in cyberspace can be enhanced by a degree of transparency across all users that is not always adopted among security professionals; the more that non-expert managers and leaders understand the impact of good (or poor) protection, the better they will be able to use cyber assets responsibly.” – Dan Chenok, Executive Director of the IBM Center for The Business of Government
Uber is an excellent example of a company that attempted to hide a 2016 data breach of 57 million users and was eventually made to pay $148 million to settle civil litigation. Simply put, covering it up will always come back to bite you in the end.