RJ and Makay

Friday, May 18th

Open Positions | Careers | Privacy Policy | Bookmark | FAQ | Contact Us  

You are here: Hacked companies reluctant to admit it
http://www.rjandmakay.com/components/com_gk2_photoslide/images/thumbm/537321header_1.jpg http://www.rjandmakay.com/components/com_gk2_photoslide/images/thumbm/963038header_2.jpg http://www.rjandmakay.com/components/com_gk2_photoslide/images/thumbm/981787header_3.jpg http://www.rjandmakay.com/components/com_gk2_photoslide/images/thumbm/923473header_4.jpg

RJ & Makay

Our view of news, events and human capital trends in the financial services industry.

Hacked companies reluctant to admit it

Posted by: RJ and Makay on Feb 02, 2012

>> Read More RJ & Makay Blog Posts

Cyber securityCyber criminals have infiltrated the computer networks of at least a half-dozen major U.S. companies, but the firms have not admitted the incidents despite recent Securities and Exchange Commission (SEC) guidance urging such disclosures.  Top securities officials believe that hacking is common in the corporate world yet companies are reluctant to admit such breaches.

Since the SEC guidance, a Reuters review of more than 2,000 filings revealed that a vast majority of firms only used boilerplate language to describe a general security risk.

Last May, Lockheed Martin Corp. said it had fought off a “significant and tenacious” cyber attack.  Yet the firm’s most recent 10-Q quarterly filing, and its 10Q filing during the period of the attack, does not mention hacking as a generic risk or even state that it had been targeted.

Lockheed spokesman Chris Williams said the May 2011 attack had “no material effect on our business.”

In light of the SEC guidance, companies that are aware that they have been hacked will “have to work pretty hard not to disclose something about the scope and risk of the intrusion,” said corporate attorney Stewart Baker, the former assistant secretary of the Department of Homeland Security.  “This is an opportunity for enforcement that practically hands the case to the SEC on a platter,” Baker said.

“It’s common knowledge” that most big defense firms have been infiltrated, said Jacob Olcott, the former counsel for the Senate Commerce committee.

At VeriSign, a company that manages a key Internet database for routing traffic to websites and email addresses, private information was exposed after multiple hacking incidents in 2010, the firm disclosed last year.

“The occurrences of the attacks were not sufficiently reported to the company’s management at the time they occurred for the purposes of assessing any disclosure requirements,” VeriSign said in an SEC filing last October.

A person close to the SEC said the agency expects fuller cyber-attack disclosures in annual corporate 10-Q forms that will be filed in large quantities this month.

RJ & Makay

 

Source:

 

Hacked companies still not telling investors (http://www.claimsjournal.com/news/national/2012/02/02/200132.htm).  Claims Journal (for Reuters), February 2, 2012

VeriSign, maintainer of net’s DNS, warns it was repeatedly hacked (http://arstechnica.com/business/news/2012/02/verisign-maintainter-of-nets-dns-was-repeatedly-hacked.ars). ars technica, February 2, 2012


[ Back ]