SEC adopts new cybersecurity disclosure rules

Share post:

The Securities and Exchange Commission (SEC) of the United States has established new regulations requiring public firms to disclose cybersecurity breaches within four days if they potentially have an impact on the company’s bottom line. The guidelines also compel businesses to provide information on their cybersecurity risk management and leadership experience in the subject on an annual basis.

The new guidelines were approved 3-2 along party lines. The Republican commissioners who voted no contended that the restrictions exceeded the SEC’s power and may benefit hackers. According to advocates, the limits are necessary to protect investors from the financial risks of cybersecurity breaches. They also noted that the legislation will help companies strengthen their cybersecurity operations. While another party claim that the new rules go beyond the SEC’s power and “appear to be designed to better meet the needs of would-be hackers,” who may benefit from extensive information on how corporations handle cyberrisk.

According to the rule, breach disclosures may be postponed if the US Attorney General decides they represent a significant danger to national security or public safety and informs the SEC in writing. Only in exceptional circumstances may that delay be prolonged over 60 days.

The new rules will go into effect 30 days after they are published in the Federal Register. The rules will be enforced by the SEC’s Division of Enforcement. Companies that fail to comply with the rules could face civil penalties.

The sources for this piece include an article in CTVNews.

SUBSCRIBE NOW

Related articles

Ransomware Surge Targets U.S. Energy and Utilities Sector Amid Legacy System Challenges: Report

A recent Trustwave SpiderLabs report underscores the growing cybersecurity challenges in the U.S. energy and utilities sector, driven...

FortiGate Configuration Leak Exposes Thousands of Organizations

A recent security incident has resulted in the exposure of nearly 5,000 organizations' email addresses and IP information...

Credentials from Top Cybersecurity Vendors Found on Dark Web For $10 Each

A report by security researchers at Cyble has uncovered a troubling discovery: thousands of account credentials from several...

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways