Friday, June 21, 2013

Companies Disclose More About Cyber Risks: Study

http://blogs.wsj.com/riskandcompliance/2013/06/20/companies-disclose-more-about-cyber-risks-study-finds/

 

  • June 20, 2013, 3:13 PM ET

Companies Disclose More About Cyber Risks: Study

In the last six months, there has been a 106% increase in the number of references to cybersecurity concerns in companies’ regulatory filings, according to an analysis of reports filed with the Securities and Exchange Commission.

There were 800 references to cybersecurity in companies’ SEC filings in the last six months, according to the study, which was released Thursday by Intelligize, which analyzes SEC filings. The study found while most companies broadly state the risk of being a victim of attacks, many have now begun disclosing specific incidents of attacks.

The uptick in cyberdisclosures coincides with increased scrutiny from the SEC. The SEC issued informal guidance in October 2011 on what companies should disclose about cybersecurity risks. That guidance created a voluntary corporate disclosure plan for companies.

In a May letter to Sen. Jay Rockefeller (D-W.Va.), SEC Chairman Mary Jo White said SEC staff have been reviewing whether companies have been disclosing enough information about their cybersecurity risks and protections over the last year. The SEC will use the information gathered in that review to see if companies are complying with the previously issued SEC guidance, White said in the letter.

Intelligize’s study found the threat of cyberhacking cuts across several industries. According to the study, 21% of the disclosures came from the telecommunications industry, 19% from computer and online services, 15% from consumer products, 12% from financial services and 12% from real estate and business services.

“Costs associated with individual cyberattacks can easily total millions of dollars when factoring in the impact to customer perceptions,” Intelligize chief executive Gurinder Sangha wrote in the study.

The study looked at companies’ disclosures about risks related to the U.S. Foreign Corrupt Practices, which prohibits bribes to foreign officials to win business. In the last six months there more than 2,000 references to the FCPA, the study found, a 33% increase from the previous six month period.

 

No comments:

Post a Comment