SEC adopts new cybersecurity disclosure rules

Share post:

The Securities and Exchange Commission (SEC) of the United States has established new regulations requiring public firms to disclose cybersecurity breaches within four days if they potentially have an impact on the company’s bottom line. The guidelines also compel businesses to provide information on their cybersecurity risk management and leadership experience in the subject on an annual basis.

The new guidelines were approved 3-2 along party lines. The Republican commissioners who voted no contended that the restrictions exceeded the SEC’s power and may benefit hackers. According to advocates, the limits are necessary to protect investors from the financial risks of cybersecurity breaches. They also noted that the legislation will help companies strengthen their cybersecurity operations. While another party claim that the new rules go beyond the SEC’s power and “appear to be designed to better meet the needs of would-be hackers,” who may benefit from extensive information on how corporations handle cyberrisk.

According to the rule, breach disclosures may be postponed if the US Attorney General decides they represent a significant danger to national security or public safety and informs the SEC in writing. Only in exceptional circumstances may that delay be prolonged over 60 days.

The new rules will go into effect 30 days after they are published in the Federal Register. The rules will be enforced by the SEC’s Division of Enforcement. Companies that fail to comply with the rules could face civil penalties.

The sources for this piece include an article in CTVNews.

Featured Tech Jobs


Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways