When some companies get hacked, they don't report it to authorities or the public. This is because they fear damage to their reputation and possibly a loss of confidence by the public. Should it be mandated by law that they report the compromise of their security?

I don't think that it should be mandatory. To me, it's the same as when someone has something stolen from them. Yeah, it is best to report it to local authorities and make the situation known so others will be on the lookout as well, but it's not mandatory.

I largely agree with Joshua, but often if one company is hacked due to a vulnerability we ALL have in our systems, wouldn't we all be better off if we knew?

While you do have a point, sometimes the loss in reputation can put the company's position in jeopardy. Depending on the company's importance in the world (ex. Intel, Microsoft, Apple, etc.), it might be for the best for them to not report it and to cover it up as best they can. To put this in perspective, does anyone remember what happened to Sony when it was found out they were hacked? They took a lot of damage in the PR department and lost millions of customers and currency until they were forced to slip out of the limelight for a while.

So while I as a consumer would adore companies to share their e-rape stories, as a businessman (which I am admittedly not) I would vote against it.

Indeed we would be better off but then that's when you get into companies and their petty competitions for who is better. If we all could just get along, the world would be a much safer place.

