Global Financial Strategy

Search the site   >>Advanced search
First for financial regulatory news and views
HOME   |   REGISTER   |   SUBSCRIBE   |   NEWS   |   ANALYSIS   |   INTERVIEWS & FEATURES   |   EVENTS   |   MUTTERS   |   JOBS   |   MY ACCOUNT
EUROPE   |    US & CANADA   |    ASIA PACIFIC   |    MIDDLE EAST & AFRICA   |    LATIN AMERICA & CARIBBEAN   |    OFFSHORE   |    SINGAPORE   |    HONG KONG
TRADING   |    CASINO MARKET   |    BANKING   |    INSURANCE   |    FINANCIAL REPORTING   |    TAXATION   |    MACROECONOMIC   |    PROFILES   |   CONTACT   |   
  • MF Global spoke of 'strong' finances
  • EC: No corp gov powers for ESAs
  • FSA appoints senior investment bank adviser
  • GFS has now closed
  • Czechs join UK on fiscal compact sidelines
  • Davos stalemate on EU's IMF funds
  • Tucker: Resolution regime 'top priority'
  • Saudi Arabia increases central bank role
  • FSB urges Canada for one securities regulator
  • CFTC set for committee to scrutinise HFT
  • Fitch downgrades Belgian banks
  • What corruption really costs
  • UK FSA pushes for Mifid II rethink on OTCs
  • Shanghai boosts global financial status
  • Canada aligns credit rating rules with EU
  • Bowles blasts lack of women at ECB
  • Sarkozy to introduce French FTT in August
  • Barnier warns on further bonus reforms
GFS LinkedIn
GFS Facebook
GFS Twitter
GFS RSS feed
You must be logged in to use this function.


US firms urged to disclose cyber attacks

Friday 14 October 2011 – by Karina Whalley

Firms hit by a cyber hacking will have to disclose what impact the attack had on its operations, the US Securities and Exchange Commission has ruled.

For the first time public firms have been asked to adhere to guidance, issued on Thursday, encouraging them to make a number of disclosures about cyber security risks and incidents.

“[Public companies] should consider the probability of cyber incidents occurring and the quantitative and qualitative magnitude of those risks, including the potential costs and other consequences resulting from misappropriation of assets or sensitive information, corruption of data or operational disruption,” the guidelines state.

The release comes in the wake of a raft of hacking incidents over the past year, most notably featuring an attack on the servers of Sony which saw the data of over 77m of its PlayStation users being compromised.

Among the issued guidance, firms are asked to gauge their unique risk of falling victim to an attack.

Related articles:
Does the answer to hackers lie in our youth?
Shock bidder emerges as IMF cyber attacked
UK Treasury tells of daily cyber attacks
Senator demands action on cyber security
Cyber security a priority for institutions

Companies should consider their vulnerabilities based on any prior cyber incidents, the severity and frequency of any attacks, any preventative actions it can perform, as well as any threats within the industry.

Detailed descriptions of any cyber incidents should also be divulged.

Noting the problem of firms having to provide too much information, the SEC said: “We are mindful of potential concerns that detailed disclosures could compromise cyber security efforts – for example, by providing a ‘roadmap’ for those who seek to infiltrate a registrant’s network security – and we emphasise that disclosures of that nature are not required under the federal securities laws.”

Registered companies are also encouraged to calculate the costs of any cyber attacks, including the loss of stolen material intellectual property and possible indirect costs such as litigation fees.

All legal proceedings linked to cyber attacks also have to be divulged.

Hacking incidents could make a large dent in a firm’s financial statements. Companies should detail how much it has spent in preventing the attacks, how much it has lost on asserted and unasserted claims, and should also make estimations about future lost cash flows resulting from a cyber attack.

The SEC said that companies’ increasing dependence on digital technologies has made them more vulnerable to online attacks, prompting the regulator to create the guidelines.


WHAT DO YOU THINK?
 
Name:
   
Email:
   
Comment:
   
Post as Anonymous
  Display name
   
Please, enter security code
   
 

No comments yet.
Login Register Most read Most commented
Username

Password

>> Forgotten your password?
>> Sign Up  

GFS is pleased to offer you a two-week free trial. You will receive a daily email bulletin of the latest regulatory news and analysis and a weekly email round-up. Please complete the free trial form. You will also receive full access to our online site.

EDITOR’S CHOICE

  • Diamond warns against ‘Balkanisation’
  • ABI: UK insurers must keep EU links
  • EU Parliament site hit by hacktivists
  • George Soros: New year, same crisis
  • FSB: Swiss regulator needs more teeth
  • OCC: Deriv fears are an overreaction
  • ‘Major wave’ of Solvency II drafts in May
  • IMF paper urges Aus bank capital boost
  • BoE: Limit bonuses to boost bank capital
  • 2012 vision: Increased regulatory exposure looms
  • Barnier offers hope to NYSE/Boerse
  • Esma rushes short selling consultation
  • Bowles re-elected as Econ chair
  • Hoogervorst hints at accounting slowdown
  • Asia in the year of the dragon
  • Barnier: FTT will not be forced on UK
INTERVIEWS & FEATURES

STRAW POLL

Will markets in 2012 have a tougher time than 2011?

Yes

No

Don’t know

View results

FIND A REGION
 
Global Financial Strategy - [email protected] | Home | Legal | Contact design by SDV