Xfinity waited 13 days to patch critical Citrix Bleed 0-day. Now it’s paying the price::Data for almost 36 million customers now in the hands of unknown hackers.
Xfinity waited 13 days to patch critical Citrix Bleed 0-day. Now it’s paying the price::Data for almost 36 million customers now in the hands of unknown hackers.
In the real world, fines are a cost carried to the customer. So even with GDPR, the customer is still the loser in the situation.
Not in the EU. Fines can actually hurt here
So fines come with a requirement that a company can’t raise prices to recoup them?
Do you think companies aren’t already pricing their products at the maximum they think the market can bear?
They are, that won’t stop them going higher.
This thinking was brought up to convince people not to hold companies accountable.
Make it cost. And if the company refuses to correct the behavior they shouldn’t be allowed to operate. If there is no cost for bad behavior then said behavior becomes how you do business.
I’m not an opponent of fines, I just think they have no deterrence other than getting caught. Negligence at this level of public harm needs to carry jail time for the executives responsible for it.
Jail time would be outstanding honestly. I can get behind that.
Products are already priced at the point that will make them the most profits. That point doesn’t magically change when fines happen.
If there are two carriers, one just lost all your customer data and then got fined and has high prices, and then there’s another, which didn’t and has no penalties and lower prices because of it, who do you choose?
Even if only a percentage decide to go with the one who didn’t get fined, it’s still correcting to some degree as shareholder worth goes down and boards of directors ask on behalf of those shareholders and probably start asking for Replacements ceo and ciso, since clearly this negligence has hurt even the investor.
Or just not fine like the US nothing changes, directors happy. In fact, what a waste of money it was to do cyber security at all since it has no financial or market impact. Raises for the CEO and ciso.