Become a fan of Slashdot on Facebook
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
If another private sector company had the same experience with that supplier they would probably be in court over it. But government is the one group that can penalize a company directly. Given this position, should it not also then be the task of the government to require proof of adherence through oversight in advance (and during) project execution?
Imagine if companies could simply declare each other to be “fined”.
In effect the ICO isn’t part of the government in this transaction, it’s an independent regulator. Therefore it is legitimate to take a swipe at the organisation as long as it can justify its actions before a court.
Where you may be right is that this perhaps means is that companies working for the government will be a little more careful about cutting corners; this would be good. Even better if it encourages companies to be careful about everybody they work with!
PayPal claims it can do exactly what you say: https://reason.com/volokh/2022… [reason.com]
Other finance companies have similar mechanisms, including chargebacks for credit cards.
If you think it’s hard to sue somebody in your own country, trying remotely suing somebody in Timbuktu. Outsourcees know this.
… ethnic origin, sexual orientation and religion were among the personal information compromised.
Why in hell had that information been collected in the first place? What business is it of anybody other than the individual employee and whomever he or she should decide to share it with? Why would an employer even ask those questions?
I don’t know if it is true or not but I have been told by the RMP of a young person just out of college who checked yes to all the “terrorist” boxes in a fit of humor. The RMP were fairly sure they were not a terrorist, however they took the opportunity to engage in a full scale armed raid of the home this person was staying in. That being their parents house and they were all turfed out of bed at 1am by armed soldiers who broke into the house and questioned. The RMP figured it was good training at the least, and it might have been true.
So be warned, governments have no sense of humor with these things – after all can you imagine the problem if they ignored a declared threat which was actually real?
For an example that more people can relate to, think of the signs about joking at an airport security line. Sure, if someone laughingly says “yes, I have a bomb in my bag”, a listener can probably guess whether they’re just joking or whether they really might — but the people who are responsible for performing the security checks need a higher level of certainty than “can probably guess”, so they’re going to take that statement very seriously and make sure it’s false before letting the person go through.
If you’re a “closet” homosexual, do they seriously expect them to answer “yes” in their questionnaire?
Then again, the immigration form for the US has a “are you a member of a terrorist organization” as a question…
Last time I went to the US (close to 20 years ago now) they had questions like, “Are you entering the US with the intention of committing a crime?” and one asking if you’re a foreign espionage agent. You’d have to be really stupid to answer yes to any of them. I think all it really does is allow them to bring charges of signing a false declaration if they catch you for any of the things they asked about.
Why would an employer even ask those questions?
Why would an employer even ask those questions?
Equality and diversity statistics.
UK law has anti-discrimination requirements where you need to be able to identify and report on this information for your employees for statistical and compliance purposes.
It’s pretty well a guaranteed requirement for any Govt etc contracts.
But then you choose the same flawed platform you get the same results.
But then you choose the same flawed platform you get the same results.
Phishing emails don’t give a fuck what platform you use. The comment you just made is the reason IT is still a security nightmare, a demonstration that even geeks who read news for nerds clearly don’t have a clue about IT security.
First off, Rishi is a nationalist. Nationalists, by definition, are racists themselves
Second, I declare my comment not racist
Second, I declare my comment not racist
That’s not how any of that works.
That’s indeed bigly non-PC, but damn funny. Thanks for shining some sun on my dreary Monday.
Well, if they have no qualified people in the country that could do the job…
Interserve’s system failed to stop a phishing email that an employee downloaded, while a subsequent anti-virus alert was not properly investigated.
Interserve’s system failed to stop a phishing email that an employee downloaded, while a subsequent anti-virus alert was not properly investigated.
Okay
The real question that governments need to start asking is why wasn’t the email system demanding encryption, signing and validation? If you just demand encryption, signing and validation you can stop 99.999% of attacks before they start, and yes I pulled that number out of my butt, but It’s probably in the ball park of accurate.
Okay
Okay
You’ve solved maybe 5% of possible email related phishing attacks. What else do you got?
There really is no way but punishment for bad IT security. The market completely fails on this question.
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
Freeway, Crypto Platform That Promised 43% Returns, Halts Withdrawals
Rishi Sunak To Be UK’s Next Prime Minister
“Help Mr. Wizard!” — Tennessee Tuxedo