[ISN] SEC Is Pressed on Firms' Disclosures of Cyberattacks

From: InfoSec News <alerts_at_private>
Date: Thu, 12 May 2011 02:14:13 -0500 (CDT)

The Wall Street Journal
MAY 12, 2011

A group of U.S. lawmakers wants the Securities and Exchange Commission 
to push companies to disclose when they have fallen victim to 

Three weeks after Sony Corp. was forced to shut down its PlayStation 
network by hackers who stole users' information, the group, which 
includes Senate Commerce Committee Chairman Jay Rockefeller of West 
Virginia, on Wednesday sent a letter to the SEC asking it to issue 
guidance stating that companies must report when they have suffered a 
major network attack and disclose details on intellectual property or 
trade secrets that hackers may have stolen.

The SEC guidance should also clarify that existing corporate-risk 
disclosure requirements compel companies to disclose if they are 
vulnerable to cyberattacks, the five lawmakers, all Senate Democrats, 

"In light of the growing threat and the national security and economic 
ramifications of successful attacks against American businesses, it is 
essential that corporate leaders know their responsibility for managing 
and disclosing information security risk," the lawmakers wrote to SEC 
Chairman Mary Schapiro.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Thu May 12 2011 - 00:14:13 PDT

This archive was generated by hypermail 2.2.0 : Thu May 12 2011 - 00:20:02 PDT