Hacker and virus incursions could spell not only disruption and possible civil liability for companies whose computer systems are compromised, but also civil and even criminal penalties potentially including prison terms for the companies’ executives, it’s being warned. “Though health-care, banking and deceptive-business laws all create security obligations, a new accounting-reform law being phased in is likely to have the biggest impact. The 2002 Sarbanes-Oxley Act holds executives liable for computer security by requiring them to pledge that companies’ ‘internal controls’ are adequate, and auditors are starting to include cybersecurity in that category, said Shannon Kellogg, director of government affairs at RSA Security.” (“Online security: who’s liable?”, Reuters/Wired News, Mar. 28). For more on hackee liability and related issues, see May 29, 2001; Jul. 12, Feb. 26-27, and Feb. 10-11, 2000.
Get hacked, go to jail
Hacker and virus incursions could spell not only disruption and possible civil liability for companies whose computer systems are compromised, but also civil and even criminal penalties potentially including prison terms for the companies’ executives, it’s being warned. “Though health-care, banking and deceptive-business laws all create security obligations, a new accounting-reform law being phased in […]
One Comment
Hackers and executives can be sharing a jail cell
Overlawyered talks about an interesting aspect of the Sarbanes-Oxley Act (aka Sox or Sarbox) regarding secur