Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: incident reporting

Security in the Dark

– I attended a roundtable recently at which someone mentioned that, in their experience, those familiar contractual requirements requesting third-party service providers to tell their customers about security breaches within a short time frame (within three  hours, say) are often not conveyed to…

SEC-urity’s Catch 22

– On October 13, 2011, the Division of Corporation Finance (DCF) of the Securities and Exchange Commission (SEC) issued CF Disclosure Guidance: Topic No. 2 – Cybersecurity, available at http://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm . It provides the DCF’s “views…