Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cybersecurity whistleblowers: Get ready for more

Taylor Armerding | Feb. 22, 2016
It is not a comfortable topic – virtually all cases involving a cybersecurity whistleblower have ended with a confidential settlement. But experts, and lawyers, say that in an increasingly connected world, those cases are bound to increase

Silverstone said he encourages employees to report any perceived flaws in security, in the same way they should report safety or harassment. He said he even makes it part of an employee policy handbook. “I encourage them to be adamant about it,” he said, adding that in his experience, virtually all those who brought concerns to him were well intentioned.

“There are very few who abuse the system,” he said. “I only remember one person who wasn’t telling the truth.”

Still, for those who don't work for the government or who have union protections, going outside management to blow the whistle on a security problem is risky, even if a complaint is upheld.

Stronger laws might help, said the anonymous expert who resigned rather than falsely certify compliance, and didn’t blow the whistle. “Our economy is built in such a way that the employer has the upper hand. Nothing good will come of it,” he said.

 

Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.