DailyPost 2203
FORMER UBER SECURITY CHIEF CONVICITED!
There is nothing called self-regulation is slowly what the world is made to experience. The users are always taken for a ride, Uber or otherwise. Data is traded in more ways than one and way beyond even an expert user can even imagine. That reputation of the company is above the rights of the users is a well-established fact. The self-regulators; companies and industries that be, start looking for cover, when they are caught doing the same acts which was supposed to be automatically regulated. Businesses have money as their only friend, and nothing can come in between them, it can only be hard coded regulators diktats and its execution, which can do the saving act.
It is in this backdrop we need to see and evaluate the recent conviction of former Uber security chief for covering up data breach. It seems the practice has been the order of the day then and might be the same has come down to this day. Anyway, in this what caught is crime and rest is the normal course of functioning. Crimes camouflaged on a regular is the nature of business environment in which we work. Companies very rarely on their own come out with revelations, which cut at the root of their credibility or trust. Joe Sullivan, ex Uber security chief has been accused of obstructing the regulator’s investigation in this cyber security case.
He had been hiding details from the US regulators of the Uber 2016 data breach, and has paid off the hackers in return for their discretion. This pathbreaking trial happened to be the most closely watched in the cyber security circles given the fact that it was the first prosecution of a company executive over the handling of a data breach. Uber paid $100,000 to two hackers who threatened to expose data from millions of drivers and riders on the platform. Joe Sullivan was fired in the year in 2017 over this incident. He has now been found guilty on Tuesday by a San Francisco jury of obstructing an investigation by the Federal Trade Commission.
The strangest part is that it was being done when the regulator was already investigating Uber over a different cyber security lapse, which happened in 2014. He was convicted a second count related to having knowledge of but failing to report to the regulators. The laws of the game are clear, but the IT behemoths are convinced of the fact that they can get away with it. More often than not, it happens that way, and that is the source of such strength in the cases of this nature. The event had eventually become public in 2017 when Dara Khosrowshahi, Uber CEO, disclosed the details of the attack soon after taking over. One industry comment sums up their feelings; ”The role of the chief security officer cannot become chief sacrificial officer if we want those roles to be effective.”
WILL JOE SULLIVAN’s CONVICTION BE THE GAME CHANGER IN REPORTING OF DATA BREACH CASES?
Sanjay Sahay