Insightful &
Helpful Articles

Here is what we're working on and
thinking at Hedgehog security.

Cyber-security is a subject of great speculations today as virtual crime in the face of cyber-attacks by hackers is causing a lot of damage to the business around the globe. With the development of the technologies and the flood of online servicing on the market the issues faced with the security of the data transfer and personal information have brought the need of special measures to be taken to provide protection from unauthorized access. Such steps have been taken by the governments of countries around the globe as many infrastructures and laws have been placed to protect the data of the users. Furthermore, each company has set up their own security systems to guarantee the safety of their customer?s files.
While some take these steps alone and work out individual security plans for their data, others rely on third-parties to do the security work for them. These cyber-security professionals provide different types of services connected to the cyber-security and information safety. Some of them set up defense layers around your data which blocks the cyber-threats coming from attackers, while other are hired to collect the pieces of the lost information after such breach has already occurred. The contracts that are made with such third-parties are based on law and they are obligated to glue up the lost data and make sure there is no danger coming from such breach again. But what?s happening if they fail to do this?
The law states that the company which lost data due to a hacker attack is responsible for the leaked information about its customers and the damage they suffer from it. In other words the company is obligated to compensate its customers. But what if the company has hired a third-party which should prevent such unauthorized access? Or what will happen if such third-party fails to accomplish what their services promise as to collect back all the data and seal the breach protecting the company from the same attack in the future. Will it be responsible?
As said many already use the services of such third-parties that provide cyber-security services. Even so, this is not something that has been on the market for a long time. As there are already some similar cases before the court it will take some time for the law to decide how exactly it should be reacted to such situations. In many of the lawsuits the companies which are a victim of a hacker attack point out that they have contracts with a third-party to protect their data or collect it afterwards and seal the breach. They state that these cyber-security vendors have failed to deliver their services and thus owe them a full compensation for the damage taken. It can be said they see the contracts with them such as a type of insurance that cover up the risks of hacker attack. On the other hand such third-party security vendors point out that they have provided these companies with all the services described in the contracts and the risk of a cyber-attack still falls down to them.
These lawsuits are yet to be brought before the law and only the practice of the courts will give a proper answer who is responsible and for what.