Tuesday, January 10, 2012

Cyber Attacks May Be Revealed to Investors as SEC Rules Push Disclosures

Note: This was bound to happen as more and more companies become victims of Cyber Espionage. Has your company become a victim of Cyber Espionage? And, more importantly, does your company have a Cyber TSCM / Cyber Counterespionage strategy in place to mitigate this risk? 
Contact me, I can help. ~JDL

bloomberg.com

China-based hackers rifled the computers of DuPont Co. (DD) at least twice in 2009 and 2010, hunting the technological secrets that made the company one of the world’s most successful chemical makers.
It’s not something investors would have learned from DuPont’sregulatory filings, or from those of other companies victimized by hackers. The 10-K’s DuPont submitted to the U.S. Securities and Exchange Commission over the period don’t identify hacking as even a significant risk, much less reveal what two U.S. intelligence officials later said was a successful case of industrial espionage.
Over the next three months, as publicly traded companies file 10-K’s, investors may see new admissions of corporate networks being hacked after the SEC said companies can’t continue to hold back the details of those incidents.
As cyberspies from China, Russia and other countries ransack the computer networks of one major U.S. and European firm after the next, the SEC in October offered its new interpretation of disclosure requirements as applied to cybercrime. The amount of information that’s forthcoming will depend on whether company lawyers determine the incidents had, or will have, a material effect on the enterprise.
Daniel Turner, a spokesman for Wilmington, Delaware-based DuPont, said, regarding the previously-reported hack, “We let our disclosures speak for themselves.”

No comments: