Archive

U.S. Security and Exchange Commission Tells Companies to Disclose Cyber Attacks

Posted Mon, Oct 17, 2011 by Martuk

2011 has been an eye-opening year for Internet security following a huge breakout of cyber attacks. Most notably was Sony’s breach of the Playstation Network and Sony Online Entertainment services in April that resulted in more than 100 million accounts being compromised. But it didn’t stop there. Several other game companies were plundered for account details that include names such as BioWare, Bethesda, Codemasters and more recently, a possible issue has turned up at Turbine, developer of The Lord of the Rings Online. Thus far Turbine has urged players to change their passwords, but have been quiet about any further details.

The SEC added new guidelines last Thursday following pressure from members of congress that asks any publicly traded company to disclose when they are the victim of a security breach or cyber attack. Under the new guidelines, companies are not required to explain how they intend to improve defenses against cyber attacks, but they are obligated to disclose information to investors on costs relating to fixing the network, lost revenues, increased security costs, litigation expenses, and loses related to losing customers and damage to the company's reputation.

Senator John Rockefeller explained in a statement to Reuters the goal of the new guidelines aimed at informing investors and consumers.

"It will allow the market to evaluate companies in part based on their ability to keep their networks secure. We want an informed market and informed consumers, and this is how we do it," Rockefeller said in a statement.

Gaming isn't the only industry taking a pounding from cyber crime. Google, Lockhead Martin, Citigroup and many others have also been plundered for information.

Sources:
via
Venturebeat
Reuters

News from around the 'Net