Information Security News mailing list archives

2012 Compliance Checklist


From: InfoSec News <alerts () infosecnews org>
Date: Tue, 6 Dec 2011 04:53:36 -0600 (CST)

http://www.darkreading.com/compliance/167901112/security/vulnerabilities/232200757/2012-compliance-checklist.html

By Ericka Chickowski
Contributing Editor
Dark Reading
Dec 05, 2011

When the calendar flips over to a new year in January, organizations will be faced with a new round of compliance demands piled on to the existing ones that they may already be struggling to deal with. Here's what a range of industry insiders say should make any organization's to-do list in the coming year.

Show Shareholders The Dirty Laundry, Per SEC Demands

The SEC released guidance in October this year that asks public companies to disclose data breaches and 'material cyber attacks' that would raise shareholder eyebrows. This means publicly traded companies need to be ready to report to investors the financial ramifications of hacks and breaches that hit them starting in 2012.

"Members of our profession frequently lament the lack of awareness and visibility of cybersecurity issues with the senior management," says Michael de Crespigny, CEO of Information Security Forum. "This SEC guidance, speaking to management about obligatory disclosures, provides another opportunity to change that. Information security leaders should take the initiative to raise this issue with senior management and explain how your organization should respond."

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn

