US Department of Justice calls for mandatory data breach reporting


At a hearing on March 4 before the U. S. Senate Judiciary Committee, Department of Justice (DoJ) Deputy Assistant Attorney General for National Asset Protection in the National Security Division Adam Hickey called upon Congress to enact legislation that would create a uniform nationwide data breach disclosure law and include a requirement that companies report breaches not just to customers but also to law enforcement.



Increasing cyber security disclosures are an important step in increasing much needed transparency into how companies are managing their digital technology. Investors currently have very little visibility into the cyber governance of most companies, and disclosure mandates such as the one under discussion would bring more clarity to the threats that companies face, and to the critical question of whether individual companies are underinvesting in cybersecurity. And while the awareness about the importance of—and capital allocations to—cybersecurity amongst C-Suites has greatly increased in recent years, if companies are mandated to disclose known breaches it would likely bring even greater focus and resources to this critical issue. We say ‘known’ breaches because a large number of actual breaches go undetected altogether by companies. But, if enacted, this would be a positive step nonetheless.

Cyberhedge data shows clearly that the stock prices of companies with poor cyber governance underperform their peers. Encouraging improved cybersecurity at the individual company is therefore a very appropriate systemic issue for governments to address, and at a minimum, increasing disclosure requirements are long overdue. And even though most cyber breaches go undetected, the more attention and resources that are devoted to the issue, the better security—and protection of company assets—will become.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website