"Riana Pfefferkorn, cryptography fellow at Stanford Law School's Center for Internet and Society, said the enforcement action could "light a fire" under other public companies to disclose their own cybersecurity incidents, though the case may not help determine where to set the bar for reporting.
"If you're an executive for a publicly traded company, you might be looking at this data saying, 'That was so bad — laughably bad,'" she said. "'How do we know, when we have an incident like this, where that falls on the spectrum of what the SEC's going to decide merits enforcement?'""
- Date Published:05/01/2018
- Original Publication:E&E News