(Reuters) – Scores of U.S. companies have not disclosed breaches of their computer systems, even though eight months have passed since U.S. securities regulators issued guidelines on disclosing cyber attacks, according to leading security experts.
Calling for more rigorous rules and enforcement, these experts told the Reuters Global Media and Technology Summit in New York they know of many cyber intrusions, thefts and other digital security issues that were kept quiet.
“There have been lots of breaches in every industry that have never been publicized,” said Shawn Henry, the FBI’s former top cyber cop, who joined a new cyber security company, CrowdStrike, in April.
Henry said the FBI was working on 2,000 active cyber cases when he retired from the agency in March. “There’s only a handful of cases that anybody has ever heard about,” he said.
U.S. government officials and cybersecurity consultants have been raising alarms about the growing sophistication of attacks on private and government computer networks. (Read More)