The Center for American Progress released a very innovative, thought-provoking report last week entitled “New Strategies to Protect America: A Market-Based Approach to Private Sector Security” by Robert Housman and Timothy Olson. The report proposes using strong SEC disclosure regarding homeland security as a market-based means to drive companies to make appropriate internal security investments. It summarizes the state of homeland security-related disclosure today, and looks at how existing SEC regulations (incl. Sarbanes-Oxley) could be leveraged to improve the quality of homeland security disclosure. The report argues that enhanced disclosure would be useful information to shareholders, would not impose an undue burden on companies, and would not “tip off” terrorists to the state of a company’s defenses. The authors readily acknowledge that this proposal is not a panacea, but make a strong case that it would be much better than the status quo, where companies in many sectors are willfully ignoring the need to invest in security:
Some companies are already opting not to know. Many companies have not conducted top-to-bottom security assessments, or audits, because they are concerned that such a review will bring to light serious security shortcomings. These companies fear that once they are aware of such shortcomings they will either have to spend vast amounts of money to fix them, or risk serious liabilities for willful negligence if something bad happens to the company. This is the proverbial â€œOstrich Problem.â€
In fact, the decision not to know, and the resulting ignorance, actually offers companies little protection. There is ample legal precedent that willful blindness is not a shield against liabilityâ€”in either shareholder derivative actions or liability lawsuits. A market-based, disclosure regime will function best if companies are positively encouraged to analyze and fully understand their risks and the effectiveness of their security systems, and can then communicate such information to the market.
Overall, a very solid & balanced report, one that deserves further deliberation in Congress and at the SEC.