In response to the news that Facebook could face billions in fines for its recent data breach, please see below comments from Hitesh Kargathra, Lead Security Consultant at Falanx Group.
Hitesh Kargathra, Lead Security Consultant at Falanx Group:
“Organisations are being judged less on whether they have suffered a data breach and more on how these breaches are handled. Security is never going to be absolute for any organisation and cyber-attacks are becoming a fact of life, especially for high profile organisations such as Facebook.
Following the identification of the breach, Facebook were quick to address the vulnerability, take steps to minimise the risk of further user data compromise and inform the relevant authorities. Given the recent attention on Facebook by regulators within the USA and abroad, Facebook needed to demonstrate a robust approach to breach management that expressed a focus on the protection of user data and transparency of activities undertaken in response to the incident. So far they appear to have ticked the right boxes.
The breach is going to put further pressure on Facebook to validate how user privacy is protected. I would expect Facebook to publish further details of the breach following a more in-depth assessment, including how long user accounts were compromised prior to the identification of the breach, the impact of the breach on users and what steps have been taken to protect user privacy in the event of future breaches of the social media platform.”