Even before Russia’s invasion of Ukraine, cyberattacks had been on the rise, leading to provisions from regulatory bodies such as the mandatory disclosures of incidents to protect investors and alert other businesses alike.

Now, some attorneys and cybersecurity experts are asking if forced reporting of breaches and attacks at the level of detail that the U.S. Securities and Exchange Commission (SEC) mandates might actually be causing more harm than good, by inadvertently publicizing the sensitive cybersecurity policies of companies. Others wonder if the culture of communicating such breaches is just as important as safeguarding the highly liable details, and if so, can there be a balancing act between the two?

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]