In this episode Matt Kelly and I take a deep dive into the question of whether a company has a duty to disclose ransomware attacks. We consider it from the regulatory, legal, ethical, law enforcement, business, PR and some other angles. What may seem to be a straightforward answer to a regulatory obligation turns out to be anything but.
Press CTRL+C to copy embed code to clipboard