Industry May Favor FTC for Reporting Cyber-Security Plans
Corporate America is leery about filing cyber-security plans with the SEC because of its lack of expertise.Corporate America managed to thwart momentum this year for a law that would require public companies to report cyber-security plans to the Securities and Exchange Commission. Eager to mollify lawmakers who promised to bring the issue back up next year, the industry is now working toward a viable alternative.
The most aggressive reporting proposal under way is a draft bill by Rep. Adam Putnam, R-Fla. The bill would require public companies to file cyber-security plans with the SEC. Companies are particularly leery of SEC involvement, however, fearing that the agency lacks cyber-security expertise and that reporting could be costly.