Re: Companies about to take security seriously?
"If BA is found to be liable I hope they get a fine in the £100's of millions"
Their quick disclosure takes them out of the top tier of fines.
A more desirable outcome would be for them to have relatively little in terms of fines to be contrasted with someone who tries to cover up being hit really hard. If BA were fined heavily after a quick disclosure it would send the wrong message entirely. It would suggest that the difference in penalty between covering up and being found on the one hand and owning up on the other wasn't great. That would lead to a risk analysis that it would be worth trying to cover up to avoid any penalty as the additional cost price of failing over the certain cost of notifying would be minor.
Biting the hand that feeds IT
