In May 2011, a group of U.S. lawmakers called on SEC Chairman Mary Shapiro to issue guidance and apply enforcement in respect of disclosure requirements of listed companies confronted with (material) cyber crime attacks.
Multinational companies are increasingly being confronted with computer hacking and theft of electronic information. Some of these attacks (such as recently on Sony, Expedia and Epsilon) are performed by organisations targeting customer and credit card data. Other attacks (such as recently on Google, Intel and Adobe) are performed by groups which target a company's intellectual property and confidential information. Cyber crime attacks can result in substantial damage to a company's finances and reputation. They can also affect a company's legal position. Loss of customer and credit card data triggers security breach notifications in various jurisdictions and can result in major (class action) litigation. Loss of intellectual property and confidential information can result in loss of R&D investments and breach of licenses and confidentiality obligations.
Governments are ramping up investigation and enforcement capabilities. In 2010, Europol established an international cybercrime unit. In February 2011, the Dutch Ministry of Security and Justice presented a national cyber security strategy. The Dutch national police have a national high-tech crime unit with extensive expertise. In June 2011, the German government launched a National Cyber Defense Center.