SEC Chief Wants Investors to Better Understand Cyberrisk -- Update
September 05 2017 - 8:37PM
Dow Jones News
By Dave Michaels
NEW YORK -- The chairman of the Securities and Exchange
Commission said Tuesday that regulators and Wall Street need to do
more to educate investors about the serious risks that companies
and the financial system face from cyberintrusions.
Jay Clayton, speaking at an event sponsored by New York
University's School of Law, said investors still don't fully
appreciate the threat posed by hackers. "I am not comfortable that
the American investing public understands the substantial risk that
we face systemically from cyber issues and I would like to see
better disclosure around that," Mr. Clayton said.
Some cybersecurity experts have in the past called for the SEC
to require more specific disclosures by U.S. public companies about
cyberrisks, particularly following a 2013 breach at Target Corp.
that compromised the credit- and debit-card information of millions
of customers.
Mr. Clayton said the SEC would investigate companies that
mislead investors about material cyberrisks, but said the battle
against hackers is much broader and shouldn't be waged in
government "silos."
"We have to have our individual responsibilities, but we also
have to do our best to foster a collective approach to the issue,"
Mr. Clayton said.
The SEC's role in policing cybersecurity is more nuanced than
that of many state regulators, which investigated Target for what
they alleged was its failure to provide reasonable data security.
Target agreed in May to pay $18.5 million to resolve the probe.
The SEC is more focused on whether financial companies that it
directly supervises, such as brokerage firms and asset managers,
are protecting themselves and their clients against hackers. The
agency issued a risk alert last month that outlined policies it
sees as effective for mitigating the risks and highlighted some
deficiencies.
The markets regulator has occasionally taken enforcement action
against financial firms whose practices left customers' data
unprotected. It has also gone after individuals who hacked into
brokerage accounts in order to carry out insider trading or other
fraud. But it has never sued a public company over how it
communicated the threat of hacking or breaches that it
suffered.
Write to Dave Michaels at dave.michaels@wsj.com
(END) Dow Jones Newswires
September 05, 2017 20:22 ET (00:22 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Target (NYSE:TGT)
Historical Stock Chart
From Mar 2024 to Apr 2024
Target (NYSE:TGT)
Historical Stock Chart
From Apr 2023 to Apr 2024