Just watching back through bits of this week's video, the thing that's really getting at me is the same thing I've come back to in so many past videos: lack of organisational disclosure after a breach. Lack of disclosure to impacted customers, lack of disclosure to the public, and a general apathy towards the transparency with which we expect organisations to behave post-breach. This is a topic I'm increasingly pushing in front of governments and law enforcement agencies, and it'll be front of mind during my visits to the US and Canada this coming week and next. I have a longer form blog post in draft I'll try and wrap up before those meetings, hopefully that'll be one to talk about in next week's update. For now, see what you think of how I've framed the issue here:
References
- Sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.
- The exploding pagers and walkie-talkies in Palestine is a fascinating story (one day, we'll learn more about how this was pulled off)
- My 3D printing talk with Elle (11) at NDC Oslo is now up (so, so proud 😊)