Join Us On LinkedIn

After being discovered, cybersecurity breaches are not consistently disclosed promptly, found an Audit Analytics study of public companies released on Friday. On average, publicly held companies took 53 days to disclose a breach incident after discovering it. The 53-day average disclosure timeframe is less than the 10-year average of 67 days, but it is the third-highest […]
The U.S. Securities and Exchange Commission (SEC) issued guidance in 2018 promoting clearer and more robust disclosure about cybersecurity risks and incidents and how boards discharge their cybersecurity risk oversight responsibility. Our 2018 Cybersecurity disclosure benchmarking report explored how companies were responding to this guidance. We undertook the same research this year to help inform […]
Agatha Christie’s fictional sleuth Miss Marple once said in a BBC adaptation that “good advice is almost certain to be ignored, but that’s no reason for not giving it.” That may reflect how companies will respond to guidance recently issued by the Securities and Exchange Commission about how companies should deal with cybersecurity threats. via […]
To help manage this emerging challenge, this article unpacks the 2018 SEC Guidance into 12 key takeaways from the 2018 SEC Guidance, including a discussion of a particularly relevant SEC enforcement action and parallel criminal prosecution (probably not coincidentally) announced on the same day as the release of the SEC 2018 Guidance. via A Dozen […]
The bill, known as the Data Security and Breach Notification Act, seeks to implement nationwide breach notification standards and replace the confusing patchwork of state laws currently in place. If signed into law, the bill as is would impose new penalties on anyone convicted of “intentionally and willfully” concealing a data breach, including fines and […]
While some may view this as an exceptional case driven by its unique facts, the actions taken by Yahoo’s board and the company’s public disclosures underscore a more significant and noteworthy trend as it relates to the role of the legal function, corporate governance, in general, and cybersecurity, in particular. Namely, that cybersecurity issues continue to […]
Insights from the ABA White Collar Conference on data breach disclosure and national security.
Daily deals website CatchOfTheDay is struggling to win back customers’ trust after it emerged that some of its customers’ credit card details had been stolen — more than three years ago. The website, which also runs deals sites Scoopon, GroceryRun and Mumgo, and the food delivery service EatNow, reportedly wrote to affected customers on Friday […]
Michaels has confirmed that credit and debit card information was stolen from 3 million customers who shopped at some of its stores during an eight-month period. via Michaels says 3 million customers hit by data breach – The Washington Post