Magazine article Strategic Finance

Sec Cybersecurity Disclosure Guidance Dissatisfies Some

Magazine article Strategic Finance

Sec Cybersecurity Disclosure Guidance Dissatisfies Some

Article excerpt

The new U.S. Securities & Exchange Commission (SEC) guidance on disclosure of cybersecurity risks is drawing criticism. That guidance, issued in March 2018, replaces an earlier version issued in 2011. The new version was issued by the SEC, not the SEC's Division of Corporation Finance as was the case in 2011, giving the new guidance a higher profile. It also is more explicit in some areas-for example, underlining the importance of disclosure explaining how a company's board of directors is overseeing cybersecurity risks at the company. The typical route for disclosure is the filing of a Form 8-K. Cybersecurity attacks must be reported when they're material. But Rep. Stephen Lynch (R.-Mass.) voiced concern to William Hinman, the new director of the Division of Corporation Finance, at a hearing on April 26, 2018, in the House subcommittee on Capital Markets, Securities, and Investment. Lynch noted that only 3% of the 82 major cybersecurity attacks on public companies in 2017 were reported on Forms 8-K. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.