Last week, Lanny Breuer, the Assistant Attorney General for the Department of Justice’s criminal division gave a speech in which he said U.S. banks have a duty to disclose cyber security breaches in order to protect its customers’ privacy and our nation’s security.
Any financial services company that doesn’t tell law enforcement about a cybercrime incident is compromising everyone’s security, Breuer explained during a speech at Fordham Law School.
“After a possible, brief delay due to a law enforcement investigation, the institution whose data has suffered a breach should inform the public that it happened,” he said.
Cybercrime — including “botnet” networks and hacking — is a very serious threat, he said, because it’s often perpetrated by skilled hackers working abroad. And let’s face it — we all know anti-virus software is simply not enough anymore.
Indeed, even the Justice Department is warning about the same thing.
“I don’t have to tell you that antivirus software is not the answer to our collective vulnerability to cybercrime. While antivirus software is critically important, it can only protect us from known vulnerabilities. And criminals around the world are working every day to come up with new ways to attack our computers and networks,” he said.
He also emphasized that one of the top priorities at the Justice Department is to protect the privacy of ordinary citizens by investigating and prosecuting the criminals who threaten it, through botnets and other means.
“It is important to recognize that, if hackers and other cybercriminals can steal your personal information, but law enforcement cannot obtain the data it needs to catch those criminals, our job to protect your privacy becomes that much harder,” he added.