Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInCyber Breach Disclosures Still Take More Than a Month – CFO
After being discovered, cybersecurity breaches are not consistently disclosed promptly, found an Audit Analytics study of public companies released on Friday. On average, publicly held companies took 53 days to disclose a breach incident after discovering it. The 53-day average disclosure timeframe is less than the 10-year average of 67 days, but it is the third-highest […]
E&Y: What companies are sharing about cybersecurity risk and oversight
The U.S. Securities and Exchange Commission (SEC) issued guidance in 2018 promoting clearer and more robust disclosure about cybersecurity risks and incidents and how boards discharge their cybersecurity risk oversight responsibility. Our 2018 Cybersecurity disclosure benchmarking report explored how companies were responding to this guidance. We undertook the same research this year to help inform […]
S.E.C.’s New Cybersecurity Guidance Won’t Spur More Disclosures – The New York Times
Agatha Christie’s fictional sleuth Miss Marple once said in a BBC adaptation that “good advice is almost certain to be ignored, but that’s no reason for not giving it.” That may reflect how companies will respond to guidance recently issued by the Securities and Exchange Commission about how companies should deal with cybersecurity threats. via […]
A Dozen Obvious (and Not So Obvious) C-Suite Takeaways from the 2018 SEC Cyber-Disclosure Guidance | LinkedIn
To help manage this emerging challenge, this article unpacks the 2018 SEC Guidance into 12 key takeaways from the 2018 SEC Guidance, including a discussion of a particularly relevant SEC enforcement action and parallel criminal prosecution (probably not coincidentally) announced on the same day as the release of the SEC 2018 Guidance. via A Dozen […]
New Senate Bill Includes Jail Time for Executives Who Conceal Data Breaches
The bill, known as the Data Security and Breach Notification Act, seeks to implement nationwide breach notification standards and replace the confusing patchwork of state laws currently in place. If signed into law, the bill as is would impose new penalties on anyone convicted of “intentionally and willfully” concealing a data breach, including fines and […]
Yahoo’s Warning to GCs: Your Job Description Just Expanded (Big-Time)
While some may view this as an exceptional case driven by its unique facts, the actions taken by Yahoo’s board and the company’s public disclosures underscore a more significant and noteworthy trend as it relates to the role of the legal function, corporate governance, in general, and cybersecurity, in particular. Namely, that cybersecurity issues continue to […]
Data Breach Disclosure and National Security
Insights from the ABA White Collar Conference on data breach disclosure and national security.
Customers vent anger after CatchOfTheDay takes 3 years to reveal data breach — The Australian
Daily deals website CatchOfTheDay is struggling to win back customers’ trust after it emerged that some of its customers’ credit card details had been stolen — more than three years ago. The website, which also runs deals sites Scoopon, GroceryRun and Mumgo, and the food delivery service EatNow, reportedly wrote to affected customers on Friday […]
Michaels says 3 million customers hit by data breach – The Washington Post
Michaels has confirmed that credit and debit card information was stolen from 3 million customers who shopped at some of its stores during an eight-month period. via Michaels says 3 million customers hit by data breach – The Washington Post