SEC sounds cyber 'wake-up call' to public companies

"Riana Pfefferkorn, cryptography fellow at Stanford Law School's Center for Internet and Society, said the enforcement action could "light a fire" under other public companies to disclose their own cybersecurity incidents, though the case may not help determine where to set the bar for reporting.

"If you're an executive for a publicly traded company, you might be looking at this data saying, 'That was so bad — laughably bad,'" she said. "'How do we know, when we have an incident like this, where that falls on the spectrum of what the SEC's going to decide merits enforcement?'""