[BreachExchange] These are the Top 10 Worst Foreign Countries in which to Suffer a Data Breach

Fri Apr 21 13:57:46 EDT 2017

http://chiefexecutive.net/top-10-worst-foreign-countries-suffer-data-breach/

As if the direct costs and reputational damage of suffering a cyberattack
weren’t enough, governments in various countries also mete out punishment
for breaches of customer privacy.

Of course, it’s the hackers who are ultimately responsible for cybercrimes.
But governments often hold companies up to high compliance standards that
can put their executives in hot water should customer data be stolen.

And some countries enforce much stricter regimes than others, challenging
CEOs of multinational companies to adapt internal protocols to cover all
their bases.

South Korea has the harshest settings, according to Bloomberg Law, which
has just listed the top 10 countries with the highest data breach
notification compliance risk.

“While news coverage has made privacy a topic of intense interest in the
U.S., understanding the international regulatory environment is no less
important to U.S. companies doing business abroad,” the report’s authors
said.

Businesses operating in South Korea face a very high compliance burden and
intense level of law enforcement. They can face potential criminal fines of
$700,000, civil fines of $26,500 and even criminal imprisonment. All
together, the country was given an index score of 83 out of a 100 by
Bloomberg Law, a very high negative score.

In 2014, dozens of top executives at Korean financial firms including KB
Financial Group resigned after hackers stole millions of customer credit
card details. A local karaoke chain, K Box, was even fined around $50,000
last year for failing to protect financial data.

“The privacy law regime of South Korea is very complicated and detailed and
has been subject to frequent change in recent years. Privacy laws overall
have been strictly enforced by regulatory authorities, particularly law
enforcement authorities,” the report said.

Tied for second on the list were Columbia and Mexico, while France took out
fourth and Japan fifth.

French authorities are especially active in pursuing companies that
experience breaches and can impose civil fines of just over $3 million,
though the highest fine imposed there last year was €100,000 against
Google. Individuals found not following rules in Japan, meanwhile, can face
six months imprisonment.

Rounding out the top 10 in descending order were Spain, the Philippines,
Belgium, Germany and Hungary.

The regulatory burdens in Germany and Hungary are lighter than the other
eight countries in the top 10; though, at up to $11.6 million, Germany had
the biggest potential criminal fines.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170421/d86543cf/attachment.html>