I was on vacation for a week and am just catching up on Tom's back stories. When I first read this headline I thought it was referring to *anyone* dumping stock, not just employees (execs or otherwise) which I'd have a major problem with. The key here is the companies taking action against said employees and notifying the SEC before the news of a security breach went public. If the SEC starts heavily fining said companies who fail to act then you can bet that more will do their duty. With that said however and alluding to Lucian's closing comment in the article, if the SEC does not enforce their own laws and punishment, then what is the point?
Finally, the next question to address is when are companies going to be fined for concealing and delaying notifying the public about a security breach? We've seen it from Yahoo, Sony's Playstation Network, Target, and several others who have delayed notifying the public. The corporations themselves need to be fined as well for not timely notifying the public and trying to internally rectify the situation before it goes public. But more often than not by the time they take action, the damage has spread and gotten out of control. In Sony's defense they fined themselves in essence by giving us PS3 owners a month free of PSN Plus membership and two free AAA title games to download (this was during the PS3 days prior to the PS4 and when you didn't need to purchase a PS+ subscription to game online).