[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] 2012 Compliance Checklist
By Ericka Chickowski
Dec 05, 2011
When the calendar flips over to a new year in January, organizations
will be faced with a new round of compliance demands piled on to the
existing ones that they may already be struggling to deal with. Here's
what a range of industry insiders say should make any organization's
to-do list in the coming year.
Show Shareholders The Dirty Laundry, Per SEC Demands
The SEC released a guidance in October this year that asks public
companies to disclose data breaches and 'material cyber attacks' that
would raise shareholder eyebrows. This means publicly traded companies
need to be ready to report to investors the financial ramifications of
hacks and breaches that hit them starting in 2012.
"Members of our profession frequently lament the lack of awareness and
visibility of cybersecurity issues with the senior management," says
Michael de Crespigny, CEO of Information Security Forum. "This SEC
guidance, speaking to management about obligatory disclosures, provides
another opportunity to change that. Information security leaders should
take the initiative to raise this issue with senior management and
explain how your organization should respond."
Subscribe to InfoSec News - www.infosecnews.org