Tuesday, November 06, 2012
Getting hacked and staying silent about it is an embarrassment for corporate America. Sooner or later, the news comes out. While the SEC has emphasized that corporations must tell shareholders about material items, companies have not been disclosing loss of confidential data to online invaders. They are in for trouble if they persist in avoidance. There are two reasons to disclose: 1. Theft of corporate data IS material. Not only the loss of information but the fact that a corporation had a hole in its security is something shareholders and others should know. 2. By disclosing hacking, a company spurs efforts to prevent unlawful entry again. What is needed is general corporate cooperation to bar first then hunt down hackers wherever they are. Time and again, sources for invasion have been traced to China yet the Chinese government denies involvement and refuses to act. What is needed is pressure on countries that house hackers until something is done. Continuing to take losses and hiding them is lousy PR and a self-inflicted reputational issue.