SEC Guidelines “A Potential Game-Changer”
DATA PROTECTION—U.S.January 24, 2013
The Securities and Exchange Commission, in recognizing the reputational and financial risks to companies following a data breach, promulgated guidelines in 2011 on how cybersecurity risks should be disclosed by publicly traded companies. In this exclusive for The Privacy Advisor, Carlton Fields’ Rebecca Shwayri discusses steps such companies should take to properly protect themselves from the harmful effects of a breach. “Simply ignoring the impact that a cybersecurity incident may have on a company’s balance sheet is no longer a proper course of action,” she writes.