News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Adrianne Appel2023-10-05T19:58:00
The timing of a recent cyberattack against Clorox juxtaposed against the Securities and Exchange Commission’s (SEC) adoption of its cybersecurity incident disclosure rule soon to take effect has presented a case study regarding how companies might seek to meet the requirements of the rule.
The SEC’s rule, finalized in July, will require public companies to disclose the nature, scope, timing, and impact of cybersecurity incidents deemed to be material within four business days. Large companies could be required to begin making the new disclosures as soon as December.
The case of Clorox’s cyberattack has been chronicled by media outlets, including the Wall Street Journal, as an example of what those types of disclosures might look like.
Clorox disclosed in an Aug. 14 regulatory filing it had been disrupted by a significant cybersecurity incident. A follow-up disclosure more than a month later revealed it shut down automated order processing and was handling orders manually, which impacted operations.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
2024-02-05T21:50:00Z By Adrianne Appel
Cleaning products company Clorox disclosed the major cybersecurity incident that led to a shutdown of its automated order processing late last year has cost it about $49 million.
2023-12-11T19:29:00Z By Kyle Brasseur
Businesses seeking additional time before disclosing to the Securities and Exchange Commission the occurrence of a material cybersecurity incident must be prepared to provide detailed information on the matter to the Federal Bureau of Investigation.
2023-10-06T17:38:00Z By Jeff Dale
MGM Resorts International said it expects to take a $100 million hit as part of the fallout of a cyberattack that has most significantly impacted its Las Vegas operations.
2024-06-27T16:37:00Z By Aaron Nicodemus
The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.
2024-05-21T19:27:00Z By Adrianne Appel
The Environmental Protection Agency is increasing its inspections of public drinking water systems after finding a majority of those reviewed were vulnerable to cyberattacks and related threats.
2024-05-07T21:21:00Z By Adrianne Appel
Verizon’s annual data breach report shows trends in cybersecurity incidents, including more ransomware and extortion attacks last year.
Site powered by Webvision Cloud