While the laws dealing with cybersecurity notifications vary by state, there’s general agreement among organizations that they ought to notify consumers, regulators and others as soon as they discover a breach. But what happens when those other stakeholders are the ones who notify you with the first news of the breach?
In December 2016, Yahoo disclosedthat a 2013 hack had compromised more than 1 billion accounts. The incident was noteworthy in part because Yahoo’s original tip came from law enforcement, which provided data files that the company analyzed to reach its conclusions.
This is part of a bigger trend that has become apparent about breaches. Since 2005, in fact, discovery by law enforcement and third parties has been on a consistent upward trend.
Surveys indicate that a majority of data breach victims either don’t have adequate systems or managed security services that would help them self-detect data breaches.
That is a harbinger of trouble considering how many organizations are connecting to networks that include partners, customers and suppliers. In theory, internal IT systems should be able to detect any breaches but that’s hardly the case.
AT&T surveyed global executives for its Cybersecurity Insights report about breach notifications, for example, it discovered that employees, law enforcement agencies, customers and service providers are frequently the first to detect the problem.