With Saltmarsh S.A.F.E. you can easily and securely transfer data directly to your Saltmarsh accountant.

Saltmarsh BRIDGE is a service that allows you to have instant access to your own QuickBooks virtual desktop already installed and ready to use.

Saltmarsh R & D tax credit software login

Featured Video

CPA - Featured Video - PKF North America is now Allinial Global

PKF North America is now Allinial Global

Effective November 30, 2015, PKF North America is changing its name to Allinial Global. This video illustrates the industry-specific resources that Allinial Global helps us provide to our clients.

Featured News & Articles

Economic Legislative & Policy Summit: Summary of Agenda Posted -Monday, November 23, 2015

This article reviews John's experience at the Economic Legislative & Policy Summit sponsored by alliantgroup.

» Read More

PKF North America is Now Allinial Global Posted -Wednesday, November 18, 2015

Allinial Global is the new name and identity of a longstanding association of independent accounting and consulting firms. Allinial Global, formerly known as PKF North America

» Read More

Investment Insights: The Patience Principle Posted -Tuesday, November 17, 2015

Failing markets are worrisome to all investors, but maintaining patience with a longer-term perspective is key.

» Read More

Featured Blog Posts

ITEN Wired Summit 2015 Posted - Wednesday, October 28, 2015

Saltmarsh News & Articles Top stories from Saltmarsh's Pensacola, Fort Walton Beach, Tampa, and Orlando offices

SEC Provides Disclosure Guidance Relating to Cybersecurity Risk Disclosure

Release Date: Monday, November 7, 2011

In today’s day and age, it’s hard to imagine any company that is not using the internet or internal technology to drive their business. However, companies, their boards and shareholders may not always understand the full extent of the risk that lies in that technology. Prompted by the irrefutable amount of attention to high-profile cybersecurity incidents, the Division of Corporate Finance of the Securities and Exchange Commission has focused on this issue and recently provided their views on registrants’ cyber risk disclosure obligations.

The Division states, “Registrants should disclose the risk of cyber incidents if these issues are among the most significant factors that make an investment in the company speculative or risky.”

Why is cybersecurity such a critical issue?
Virtually all activities today rely on computers and the internet – communication (internet, smartphones), shopping (online stores, credit cards), personal records (medical, employee and customer information), accounting records, etc. Cybersecurity entails protecting this information by protecting from, detecting, and responding to attacks.

What risks and consequences do you need to consider?
The risks companies should consider are: 1) misappropriation of sensitive data including proprietary information, 2) corrupted data and 3) operational disruption. These may be carried out by someone gaining unauthorized access or causing processing disruptions. Attacks may lead to consequences such as additional costs, lost revenues, litigation as well as reputational damage.

Which companies are most at risk?
Everyone who maintains data in an electronic environment. Zeena Patel, a leader in EisnerAmper’s Technology Audit and Advisory Services group, notes: “The Division was prompted to provide their views when several large companies were involved in significant attacks. However, data shows that criminals are just as likely to invade smaller and medium-sized organizations who may not have the resources to detect and prevent attacks quickly.”

What disclosures may be required?
The guidance, which does not change the existing rules and regulations, requires companies to disclose any aspects of a company’s business that could have material costs and consequences.

A significant attack, or high risk of attacks (even if currently undetected), may require quantitative and qualitative information within the “Risk Factor” disclosure.

Further consideration must also be given as to the inclusion of costs and consequences in Management’s Discussion and Analysis and Financial Statements.

Lastly, further, lacking operating cybersecurity controls may lead to ineffective Disclosure Controls and Procedures.

How should companies respond to the guidance?
Zeena further states: “Companies should be preparing a risk assessment which also includes third-party providers. Understanding the magnitude and likelihood of potential attack within your current controls will allow you to determine your disclosure requirements.”

The guidance can be found at http://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm

For more information, please contact Saltmarsh, Cleaveland & Gund, (850) 435-8300.

© 2011 EisnerAmper LLP

Featured Video View all CPA Videos

PKF North America is now Allinial Global

Effective November 30, 2015, PKF North America is changing its name to Allinial Global. This video illustrates the industry-specific resources that Allinial Global helps us provide to our clients.

Archived News View all CPA News & articles

More News...

Follow our feeds.

Pensacola CPA on Facebook Pensacola CPA on LinkedIn Pensacola CPA RSS Feed Pensacola CPA on Twitter See What We Like with Pinterest Pensacola CPA on YouTube


CPA and Bank Consultants - Pensacola, FL 900 N. 12th Avenue, Pensacola, FL 32501
Local Phone: 850.435.8300 • Fax: 850.435.8352
Fort Walton Beach
CPA and Bank Consultants - Fort Walton Beach, FL 34 Walter Martin Rd, Ft Walton Bch, FL 32549
Local Phone: 850.243.6713 • Fax: 850.243.4137
CPA and Bank Consultants - Tampa, FL 201 N. Franklin St., Ste 2720, Tampa, FL 33602
Local Phone: 813.287.1111 • Fax: 813.207.0201
4798 New Broad Street, Ste 320, Orlando, Florida 32814
Local Phone: 407.203.8990 • Fax: 407.203.8987

Toll Free: (800) 477-7458 • Email: info@saltmarshcpa.com

Website by Grendelfly Studio - A Division of SC&G

(c) 2015 Saltmarsh, Cleaveland & Gund • Certified Public Accountants And Consultants • Serving Florida And The Southeast