The European Union has passed a regulation requiring telecommunications companies and Internet service providers to disclose data breach incidents in an effort to help secure customer information, Vormetric EMEA Vice President Paul Ayers writes for Government Security News.
Companies must inform authorities about detected theft, loss or unwarranted access to data within 24 hours after the breach occurred, Ayers says.
Ayers recommends telecom companies and ISPs review their data security strategies as the new regulation aims to address persistent and privileged user threats.
“Identifying unusual and anomalous access patterns by security administrators is a good way either to uncover a malicious insider within the security organization or an administrative account that has been compromised,“ according to Ayers.