From the November 2011 issue of Treasury & Risk magazine

SEC Provides Guidelines For Disclosing Cyber Attacks

Agency doesn't want generic risk information, but warns against disclosing too much.

In the wake of the cyber attacks experienced by a number of large companies in recent months, including Citi, Google and Sony, the Securities and Exchange Commission’s Division of Corporation Finance provided companies with guidelines last month for disclosing cyber risks and cyber attacks.

Companies should disclose cyber risks and cyber incidents if the information would be important to an investor’s decision about the company, according to the guidance. It goes on to detail the various parts of SEC filings where such information might be included.


Advertisement. Closing in 15 seconds.