Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Business cyber security disclosure bill introduced in U.S. Senate

Reprints

(Reuters) — Companies would have to disclose publicly whether they have anyone on their board who is a “cyber security expert” under legislation introduced in the U.S. Senate on Thursday.

The outlook for approval of this proposal was unclear, but it comes at a time of growing concern in Congress about damaging computer hacks that have hit companies such as Target Corp., Anthem Insurance Companies Inc and Home Depot inc.

The measure, from Republican Sen. Susan Collins of Maine and Democratic Sen. Jack Reed of Rhode Island, would require the disclosure in companies' filings with the U.S. Securities and Exchange Commission.

It would not require companies to take any action beyond disclosure. Companies lacking a cyber security expert would have to explain themselves and say what other steps they are taking to improve their cyber security.

The bill would require the SEC and the National Institute of Standards and Technology to provide guidance on the minimum qualifications for what is considered a cyber security expert.

A separate cyber security proposal was tucked into a massive federal spending bill released on Wednesday.

That measure aims to cajole the private sector into sharing more cyber threat data with the government by expanding company liability protections, an arrangement intended to improve hack detection and prevention.

Read Next

  • SEC says criminal probes hindered by lack of access to stored emails

    (Reuters) — Active investigations into foreign bribery, accounting fraud and manipulation are potentially being hindered amid an ongoing legal debate over whether U.S. enforcement agencies can get archived emails from the cloud without obtaining a warrant, a top U.S. securities regulator said on Wednesday.