I’ve hacked together a script that looks for new SEC correspondence regarding ‘cyber’ incidents and risk, and posts the results.

The heuristic used is amazingly simple, yet surprisingly effective:  it looks for any SEC documents of type UPLOAD (Comment Letters from the SEC to registrants) or of type CORRESP (responses to same, from registrants) which contain the keywords cyber, malicious, intrusion, or virus. Update 11/24/2012: heuristic changed to find files containing “(( cyber OR malicious OR intrusion ) AND (virus OR breach) ) OR cyber”.  This cuts down on FPs.   I know I can take “cyber” out of the first part.  Too lazy.

These keywords were chosen because together they smoked out nearly every Comment Letter about “cyber” incidents I knew of from press reports, with few enough false positives to not drive me batty.  Adding the word “breach” smoked out the remaining letters, but exploded the false positive count.

Readers should note that this heuristic is most definitely NOT 100% accurate, and should judge for themselves whether the correspondence identified pertains to “cyber” incidents or risk.