U.S. pressures companies to report cybercrime

Amid whispers of sensational online break-ins resulting in millions of dollars in losses, it remains remarkably difficult to identify corporate victims of cybercrimes. Companies are afraid that going public will damage their reputations, sink stock prices or spark lawsuits. Senate Commerce Committee Chairman Jay Rockefeller (D-WV) is adding a provision to cybersecurity legislation that would strengthen the reporting requirement. The SEC's cybersecurity guidance issued in October is not mandatory. It was intended to update for the digital age a requirement that companies report "material risks" that investors want and have a right to know. Rockefeller's measure would direct the SEC's five commissioners to make clear when companies must disclose cyber breaches and spell out steps that companies are taking to protect their computer networks from electronic intrusions.