July 9, 2014

Is the SEC’s Enforcement Chasing Companies for Poor Cybersecurity Disclosure?

Ever since the widely-publicized hacking of Target last year, there have been rumors that a SEC enforcement action over that company’s cybersecurity disclosure is coming. Now, this Bloomberg article reports that a number of SEC investigations are underway – meaning that more than one company is being focused upon (and I have no idea if Target is one of them). My guess is when we see some of these SEC enforcements reach the point that they indeed are public, it won’t just be faulty disclosures that fall under the microscope, but internal & disclosure control deficiencies as well. This Morgan Lewis blog lays out the potential theory for that type of internal controls action…

Tune in on September 16th for our webcast – “Cybersecurity: Working the Calm Before the Storm” – to find out what you should be doing now before you land in hot water…

SEC v. Congress: House Says “No Thanks” to Insider Trading Subpoenas

This Bloomberg article describes how the House Ways and Means Committee and a top staff member say they are “absolutely immune” from having to comply with subpoenas from the SEC in the insider trading probe that I have blogged about before…

Podcast: The New COSO Framework

In this podcast, Brian Christensen of Protiviti addresses the status of the transition to the new COSO Framework – see Protiviti’s recent survey – as well as provides implementation tips, including:

– What are the primary differences between the new COSO Framework and the old one?
– Do companies need to transition to the new Framework, or can they stick with the old?
– Can you explain where companies stand in their implementation efforts & why?
– What resources are available to assist companies with the transition?

– Broc Romanek