Recent Study Finds Cybersecurity Disclosures May Fail To Meet SEC Guidelines

Hackers aren’t the only ones after company information. Earlier this week, Wills Fortune 500, a unit of Wills Group Holdings, a global insurance broker providing insurance and risk management services, made available its own report  tracking the response by Fortune 500 companies to the SEC’s October 2011 guidelines for cybersecurity disclosures. The report’s key findings include that, as of April 2013, 85% of Fortune 500 companies were following the SEC guidelines and providing some level of disclosure of cyber exposures. However, close to 40% of the companies failed to provide details on the size of their exposure, stating only that the risk would have an impact on the company without further discussing the extent of the impact. As such, the report concluded that the question whether company disclosures rise to the level mandated by the SEC is debatable, given the paucity of information regarding the probability of incidents and their quantitative and qualitative magnitude.

In light of the findings of the Willis Fortune 500 report, it’s not surprising that SEC Chairman Mary Jo White had previously asked the Commission to evaluate compliance with current guidelines for cybersecurity disclosures, assemble a report on the general practice and compliance with the existing guidelines, and make recommendations for further guidance.

 


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Orrick - Securities Litigation and Regulatory Enforcement Group | Attorney Advertising

Written by:

more+
less-

Orrick - Securities Litigation and Regulatory Enforcement Group on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×
Loading...
×
×