Cyber thieves cause billions of dollars in damage every year to American companies, and while many organizations willingly hide this information from customers and shareholders, personal information is at risk, The Washington Post reports. The Securities and Exchange Commission laid out updated guidelines for companies which require businesses to report data breaches and instances of identity theft data theft publicly. "It’ll force executives to really understand what’s going on within their corporations," said Melissa Hathaway, a former White House cyber manager who has continually urged the SEC to amend its stance on businesses and cyber attacks. "I think it will create the demand curve for cybersecurity." Senator John D. Rockefeller IV, chairman of the SEC, said in a statement that in the past, investors have often been uninformed during a data breach, but his agency's guidance will give the market necessary information and encourage companies to increase their own security. Since 2004, there have been at least 245,000 cases of identity theft in the United States, approximately three times the rate than 2001, according to the Federal Trade Commission.