Joseph D. Masterson quoted in article “Cyberattacks expose flaws in SEC disclosure rules”Westlaw Next 01/16/15
Below is an excerpt:
Joe Masterson, a partner at the law firm of Quarles & Brady who has advised companies on disclosure, said cybersecurity issues “with a supplier or an important customer” outside the company could affect an investor’s decision because if one outsider knows of a company’s breach “then you better make a disclosure to make sure the whole market knows.”
SEC philosophy holds that any information that could affect a company’s stock value must be available to everyone if it is disclosed to some. If the information about a breach is contained to a few people within a company and it is not “material,” Masterson said, “there is no specific requirement to disclose.” In those cases, it is best to look into the matter and judge the depth of the breach, taking “a day or two” if a company can do so without allowing the information to spread, he said.
Originally published in Westlaw Next, January 16, 2014