Let me understand this correctly......... the VA was given a warning the breach would happen and still did nothing about it??? Lets do quick poll of all the companies out there that have been hacked, ask them if they were given a heads up what would they do.
I would bet they would do anything to get that sort of info, so where does this leave the VA? I would say they need to be seriously delt with, to ignore a rules and regulations (FIPs 140-2, Hipaa, PCI ........) is one thing but to ignore a serious vunrabilty in you IT infustracture when you have been given a warning ....... what should the punishment be?
No comments:
Post a Comment