Cybersecurity breaches need to be made public in a more proactive and efficient way. That was the crux of a letter Senator John Rockefeller IV (D-W.Va.) and four other senators today sent to the US Securities and Exchange Commission (SEC) asking the agency to bolster its corporate breach notification requirements. Rockefeller is the chairman of the US Senate Committee on Commerce, Science and Transportation.
The letter to SEC Chairman Mary Schapiro, stated "Securing cyberspace is one of the most important and urgent challenges of our time. In light of the growing threat...it is essential that corporate leaders know their responsibility for managing and disclosing security risk."
The letter stated that "our review of recent corporate disclosures suggests that material breach reporting, like information risk, is inconsistent and unreliable."
Cyber risk management is a critical corporate responsibility. Federal securities law requires publicly traded companies to disclose "material" risks and events, including cyber risks and network breaches. The SEC has longstanding authority to publish "interpretive guidance" to clarify corporate responsibilities, protect investors, and promote fair and efficient markets, the letter stated.
The letter was signed by four other senators: Sens. Robert Menendez (D-N.J.), Sheldon Whitehouse (D-R.I.), Mark Warner (D-Va.) and Richard Blumenthal (D-Conn).
Follow Michael Cooney on Twitter: nwwlayer8
Layer 8 Extra
Check out these other hot stories: