• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Current News   »   SEC announces data breach disclosure guidelines

SEC announces data breach disclosure guidelines

  • Posted on:October 26, 2011
  • Posted in:Current News, Spotlight
  • Posted by:
    Trend Micro
0

In response to increasingly serious cybersecurity threats emerging across all industries, the Securities and Exchange Commission has formally asked publicly-traded companies to disclose hacks and data breaches for the first time.

According to the Globe and Mail, data security advocacy efforts from Senator John Rockefeller may have inspired the SEC's timely response. Rockefeller had been concerned that a lack of clear disclosure guidelines made it more difficult for investors to pursue new ventures with confidence.

“Intellectual property worth billions of dollars has been stolen by cybercriminals, and investors have been kept completely in the dark. This guidance changes everything,” the Senator told the news source. "It will allow the market to evaluate companies in part based on their ability to keep their networks secure. We want an informed market and informed consumers, and this is how we do it.”

The growing complexity and gravity of recent Internet security threats have caused much more than bothersome network disruptions and administrative headaches. SEC officials suggested that companies falling victim to cyberattacks could face a variety of unexpected costs associated with litigation settlements, increased IT costs, lost revenue and reputational damages.

According to the Financial Times, Sony recently announced that it may lose more than $170 million as a result of cybercriminals compromising the company's online gaming networks. However, it's worth noting that a number of similar cases have likely been kept under wraps prior to the new legislation.

Critics have suggested that regulators have already been too slow to respond, but the SEC guidelines do provide welcome, actionable advice. The agency explicitly identifies how risks should be assessed and how findings should be reported to investors. In the case of a "material" breach, for example, companies may be required to identify exactly what was stolen and how it could affect future business operations. Regulators also specifically warn against the use of intentionally vague statements when addressing investors or regulators.

Internet security has been on the minds of many public sector agencies of late, as a number of government organizations launch initiatives in response to National Cyber Security Month. The SEC guidelines are a prime example of the cross-sector collaboration being called for by security experts and legislators. The burden of protecting consumer information can no longer rest on any one set of shoulders as cybercriminals devise increasingly complex data security threats.

Data Security News from SimplySecurity.com by Trend Micro

Related posts:

  1. SEC breach response shows willingness to lead by example (op/ed)
  2. Morgan Stanley data breach affects 34,000 investors
  3. SEC may ask for more information after cyberattacks
  4. OTA releases data breach readiness guidelines

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.