What is Cybersecurity Whistleblowing?

Written by Ravi Sattiraju on November 4, 2017

In today’s world, cybersecurity is a hot topic. Cybersecurity is the security of electronic data against theft and compromise by unauthorized users. When a service provider’s cybersecurity is compromised, its clients’ data can be stolen and used without their consent. Along with this, the company’s trade secrets and other confidential information can also be leaked and used in ways that can undermine and even harm it.

Whistleblowing is the act of notifying upper management, industry regulators, government authorities, and the public of breaches, unethical actions, and illegal behavior committed by one’s employer. Without whistleblowers, cybersecurity breaches and similar events would largely go unreported. Because of the important role whistleblowers play in protecting the public and parties involved with their companies, numerous laws exist to protect whistleblowers and their rights. One of these is a section of the Sarbanes-Oxley Act.

The Relationship Between Cybersecurity and Whistleblowing

When a company has strong cybersecurity measures in place, its customers benefit by having their data protected. Think about how many companies have personal data about you somewhere on their servers: your employer, your bank, any subscription services you use, if you are a student, your university, social media platforms, and any business where you have used a credit or debit card to make a purchase. Government agencies like the Motor Vehicle Commission and the Internal Revenue Service also must maintain strong cybersecurity measures to protect data like citizens’ social security and driver’s license numbers.

The average consumer has no way to see what goes on “behind the scenes” at the companies they use and the government agencies that serve them. Similarly, industry regulators and government agencies generally cannot see which security measures are in place and how they are managed, which leaves the protection of large swaths of sensitive data on the shoulders of companies’ and agencies’ web development and security teams. As the only parties with this privileged information, they are often the only parties who can act as whistleblowers when necessary.

Notable Cybersecurity Whistleblowing Cases

Perhaps the most notable recent case involving cybersecurity whistleblowers is the Equifax breach. 143 million Americans’ data was compromised due to the breach, which Equifax discovered in June 2017 but did not disclose until months later. The case has been compared to the Enron scandal, where a whistleblower exposed wrongdoing at the company and faced retaliation as a result. New protections for whistleblowers were enacted after the Enron scandal to make it safer and more attractive for whistleblowers to come forward with this type of information and prevent innocent employees from suffering like many of Enron’s did after it was exposed.

Work with an Experienced New Jersey Whistleblower Protection Lawyer

The Sattiraju Law Firm, PC is one of New York and New Jersey’s premier employment law firms. We represent whistleblowers and other employees who face wrongful termination, discrimination, retaliation, and other issues like non-payment of wages. Contact our office today to set up your initial consultation with one of the experienced employment attorneys on our team.

Posted Under: New Jersey Employment Law
Tags: