The news reports about data breaches follow each other in rapid succession. A data breach often leads to accusations against the organisation that experiences the data breach. Bernold Nieuwesteeg, director of the Centre for Law and Economics of Cyber Security at Erasmus School of Law, states that it is time to increase and document the responsibilities of software suppliers in order to potentially prevent data breaches in the future.
Most people think that the consequences of a data breach will never affect them. Therefore, they often -unjustly- react very careless to news of a data breach. The article in de Volkskrant shows that the consequences of a data breach can be very extensive and can affect anyone.
The personal approach as a formula for success
Not only the number of reports of digital fraud appear to be increasing, but the number of hacks aimed at gaining personal data is also increasing explosively. WhatsApp fraud, the classic request for help from a son or daughter, is particularly common and appears to have quadrupled in 2020. Data leaks expose a lot of personal information, used by scammers to convincingly impersonate a friend or family member or trusted authorities. This targeted and personal approach often ensures success for the scammer due to the detailed information gained from data leaks.
Responsibility of the software supplier
In the event of a data breach, the organisation that uses the collected data is often accused, and the software supplier remains untouched, unjustly according to Nieuwesteeg. The software used for data collection is often not developed by employees of the organisation that uses this data. However, the software supplier’s responsibility for cybersecurity knowledge is often unfairly left out of consideration. By involving data suppliers more closely and increasing, defining and documenting their responsibilities, data leaks may be prevented in the future, according to Nieuwesteeg.
- Researcher
- More information
Read the full Volkskrant article here (in Dutch).
- Related content
- Related links
- Centre for the Law and Economics of Cyber Security