It already works like this. Audits perform this function. Failing a mandatory audit generally goes very poorly for financial companies. The unintended result is falsified audits - something my former company did (still does?) every year. The banks and the Fed never found out.
Comment on [Opinion] Unending ransomware attacks are a symptom, not the sickness
INeedMana@lemmy.world 3 weeks ago
When a building needs maintenance bad enough that it doesn’t pass a set of regulations, it will get closed until fixed. Maybe we need something like that for IT infrastructure
Xaphanos@lemmy.world 3 weeks ago
roofuskit@lemmy.world 3 weeks ago
The insurance industry is filling in this gap right now for cyber insurance. They are requiring a certain level of security before they will write a policy. Try doing business with any other company without a huge cyber insurance requirement in the contract.
Linktank@lemmy.today 3 weeks ago
As well as international task forces to take down people who use borders as a means of immunity to take advantage of people.
solsangraal@lemmy.zip 3 weeks ago
my state mandated some minimum security standards for state-run orgs, like MFA etc. which are on the whole woefully inadequate. but also the budgets for IT depts haven’t gone up. so the same handful of underpaid IT guys (who regularly and rightly get poached) are saddled with an extra mountain of work while they’re already stretched to the limit. this is all YOUR data that’s housed in a straw hut surrounded by huffing and puffing wolves