from here and here |
Well, this is an interesting development. Albanian IT staff get charged with negligence after a (supposedly) preventable cyberattack that they failed to prevent. Now, if it was really management's fault that things weren't kept up to date then I hope that comes out at trial and that the people who were really responsible are held accountable. This kind of legal action, combined with the uncertain future of cyber-insurance might just force businesses and organizations to finally start ponying up the funds to do security right. Or the decision-makers will find some other way to avoid accountability for not paying what should be the cost of doing business.