http://www.darkreading.com/compliance/167901112/security/vulnerabilities/232200757/2012-compliance-checklist.html

By Ericka Chickowski
Contributing Editor
Dark Reading
Dec 05, 2011

When the calendar flips over to a new year in January, organizations will be faced with a new round of compliance demands piled on to the existing ones that they may already be struggling to deal with. Here's what a range of industry insiders say should make any organization's to-do list in the coming year.

Show Shareholders The Dirty Laundry, Per SEC Demands

The SEC released a guidance in October this year that asks public companies to disclose data breaches and 'material cyber attacks' that would raise shareholder eyebrows. This means publicly traded companies need to be ready to report to investors the financial ramifications of hacks and breaches that hit them starting in 2012.

"Members of our profession frequently lament the lack of awareness and visibility of cybersecurity issues with the senior management," says Michael de Crespigny, CEO of Information Security Forum. "This SEC guidance, speaking to management about obligatory disclosures, provides another opportunity to change that. Information security leaders should take the initiative to raise this issue with senior management and explain how your organization should respond."

[...]

_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn

Received on Tue Dec 06 2011 - 02:53:36 PST