• Telorand@reddthat.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    5 months ago

    Oversight: I would add a mandatory security audit annually, that they have to pay for, and which occurs during a given quarter at random (so you can’t “put on your best face” for a single day).

    The security audit cost is partially subsidized if they agree to a second audit 6-9 months after the first (tax funded).

    Accountability: I would add Prison time as a minimum penalty for the CEO and CIO, and the punitive damages must be a percentage of their profits (no flat rates), which is in addition to any compensatory damages awarded to plaintiffs. The penalty shall be used to help pay for future audits.