Long a concern of information security specialists, the potential for material economic losses from internet-based intrusion has finally struck a chord in the investment community. Reports of a serious, nearly decade long, external penetration into information intended for only the most senior executives at Nortel Networks Ltd. has been one of the few public examples in which a company’s overall value has been compromised. In response to this risk for publicly traded companies, the Securities and Exchange Commission has issued informal guidance outlining cybersecurity disclosure obligations, requiring registrants to disclose their vulnerabilities and cyber-incidents and their cybersecurity plans, including what form of insurance, if any, they have.
Reproduced with permission from Privacy & Security Law Report, 12 PVLR 1421, 08/19/2013. Copyright 2013 by The Bureau of National Affairs, Inc. (800-372-1033) http://www.bna.com