MAY 11, 2022 | NORTH AMERICA | US
Businesses Seek to Soften SEC Cyber Rules
Wall Street Journal, May 11, 2022
By David Uberti and James Rundle
Companies including Chevron Corp. , Quest Diagnostics Inc. and Ernst & Young LLP are pushing to narrow proposed cybersecurity rules from the Securities and Exchange Commission in the private sector’s latest attempt to shape a growing array of regulations by Washington.
In comments on rules proposed by the SEC, businesses in recent days have urged the agency to harmonize its deadline of four business days to disclose security incidents with similar rules from other agencies. They also warned public disclosures could result in new compliance costs, additional confusion while responding to breaches and hits to their stock prices.
Others warned that public reports could provide hackers information while attacks are in progress. “If a registrant discloses that it is currently the victim of a material cyber incident, that would tip off the malicious actor that the registrant is aware they’re in the victim company’s systems,” said Henry Young, policy director at industry lobbying group BSA, The Software Alliance, which represents commercial software makers. That may prompt hackers to steal data faster, or speed up timelines on attacks such as ransomware strikes once tipped off, he said.
SOBRE A BSA
A BSA | The Software Alliance (www.bsa.org) é a principal defensora do setor global de software perante governos e no mercado internacional. Seus membros estão entre as empresas mais inovadoras do mundo, criando soluções de software que estimulam a economia e melhoram a vida moderna.
Com sede em Washington, DC e operações em mais de 30 países, a BSA promove programas de conformidade que promovem o uso legal de software e defendem políticas públicas que promovem a inovação tecnológica e o crescimento da economia digital.