Publicly listed US companies have been asked to disclose when they’ve been hacked, according to new guidance from the Securities and Exchange Commission. These new guidelines come as large and trusted companies are becoming victims of cybercrime. Companies are expcted to no longer hide online attacks if an attack could cause financial damage to the company or mislead potential investors.
Sony warned users about another attack against PlayStation and Sony networks this week, compromising 93,000 accounts. Citigroup was breached in June, and the data of 360,000 accounts was exposed. Then of course, there were the well covered attacks on Google, the US Air Force, the International Monetary Fund, RSA, Defense Contractors, Retailers, the list of recent incidents seems to go on and on.
Billions of dollars in cash, credit cards, and intellectual property is being stolen by criminals online, and investors have been kept in the dark. This guidance is supposed to change everything. Unfortunately it is only offred as GUIDANCE, not REGULATION, so I personally am not expecting much compliance here, but hope that companies start doing the right thing and start showing us all that we are under siege. Until the problem is shown in a clear light, and the public can see for itself the enormity of the problem, little will happen to change the perfect storm that is swirling around us all.