SEC Fines Pearson $1 Million For Downplaying Severity Of 2018 Breach – Industry Comment

BACKGROUND:

Following the news that the SEC has fined UK education publishing company Pearson $1 million for downplaying the severity of a 2018 cyber-attack, please see the comment below from industry experts.

Dominic Trott, UK Product Manager
InfoSec Expert
August 18, 2021 9:47 am

The $1 million settlement agreed between Pearson and the SEC comes as the education sector faces increasing hostility from malicious actors. The NCSC warned in June that schools, colleges, universities and other education organisations should prepare for an increase in ransomware attacks in the coming months.

As the threat landscape evolves and while education remains firmly in the crosshairs, it is more important than ever to maintain an open dialogue. Only through collaboration and transparency can cyber researchers and technologists begin to turn the tide against cybercriminals intent on wreaking havoc in the sector.

As Pearson has learned, failure to properly disclose a breach can also be far more damaging to an organisation’s reputation and can incur severe legal penalties, particularly when customer data is involved. Breach disclosure processes should form part of an organisation’s blended approach to cybersecurity, layering a combination of people, process and enabling technologies to reduce the risk, minimise the impact of a breach should one occur, and demonstrate diligence and best practice to both customers and governing bodies.

Information Security Buzz