Technology start-ups have been urged by a leading regulator that they must incorporate cyber-security defences into their products from day one, rather than leaving it until they are successful.
Even after publicly exposed attacks, the Federal Trade Commission (FTC) warned that many companies fall short when trying to protect their consumers.
The FTC has made cyber-security a priority and is pursuing more than 50 companies for “deceptive and unfair acts” that violate consumer privacy. Some companies dislike being pursued by the FTC for inadequate security when they feels attacks, such as the recent breach at the US Office of Personnel Management, show that the government also struggles to protect personal data.
“If you want to be in business and you want to stay in business you absolutely need consumers to trust your products and services. At the FTC our jurisdiction is commercial security so that is what our focus is on,” said Edith Ramirez of the FTC.
The FTC is attempting to encourage companies to share best practices at a series of forums across the US, starting with the technology industry in San Francisco, California.
The Office of Technology, Research and Investigations centre was founded by the FTC earlier this year to grow its expertise and has recruited cyber-security experts at hacker conferences such as Def Con to help improve its skills base.