Congress May Impose Cybersecurity Reporting Requirements

With cyberattacks on the rise and some companies still unprepared to deal with the aftermath, Congress may get involved by requiring public companies to file cyber reports with the Securities and Exchange Commission (SEC).

The Internet remains one of the last unregulated frontiers and many who use it to make money would prefer to see it stay that way. However, some members of Congress believe that the chief executive officers need to take a more active role in knowing whether their company is prepared for information systems failure. Thus, the potential reporting requirement.

"The government has essentially relied on the voluntary efforts of industry both to make less buggy software and make systems more resilient," Michael Vatis, former director of the National Infrastructure Protection Center at the FBI told the New York Times. "What we're seeing is that those voluntary efforts are insufficient, and the repercussions are vast."

Rep. Adam Putnam (R-FL), chair of the House Government Reform Committee's Subcommittee on Technology, Information Policy, Intergovernmental Relations, and the Census, is reportedly considering introducing legislation later this year to address the knowledge gap that occurs when no one tracks just how far reaching the results of cyberattacks can be. The reporting requirement would go a long way toward filling that gap.

While the primary focus of Congress’ Internet attention will stay on anti-spam legislation, the subcommittee will consider cybersecurity reporting that could parallel the reporting requirements laid out by the 2002 Sarbanes-Oxley Act.

Experts say that Congress should avoid a “one size fits all” law, since a variety of uses and requirements exist among corporations.

"Different companies have different security needs and different risks. So it's impossible to set up a mandate for everyone,” Daniel Burton, vice president of government affairs for security vendor Entrust, told PC World.

You may like these other stories...

Regulatory compliance, risk management and cost-cutting are the big heartburn issues for finance execs in the C-suite. Yet financial planning and analysis—a key antacid—is insufficient.That's just one of the...
Continuing its efforts to simplify accounting procedures, the FASB has issued a proposed Accounting Standards Update on customer fees paid in a cloud computing arrangement. The newly-proposed update (Intangibles—...
How are you planning? What tools do you use (or fail to use) for forecasting? PlanGuru is a business budgeting, forecasting, and performance review software company based in White Plains, N.Y. AccountingWEB recently spoke...

Already a member? log in here.

Upcoming CPE Webinars

Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.
Sep 10
Transfer your knowledge and experience to prepare your team for the challenges and opportunities of an accounting career.
Sep 11
This webcast will include discussions of commonly-applicable Clarified Auditing Standards for audits of non-public, non-governmental entities.
Sep 26
In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards. A dashboard condenses large amounts of data into a compact space, yet enables the end user to easily drill down into details when warranted.