New SEC rule requires public companies to disclose cybersecurity breaches in 4 days

URL:

https://apnews.com/article/sec-cybersecurity-breach-disclosure-risk-hacking-bb6252463637793bfdc8ace5bfcbe7df

Abstract:

The Securities and Exchange Commission (SEC) adopted new rules requiring public companies to disclose cybersecurity breaches within four days that could impact their financial status, with exceptions for national security or public safety risks. Companies must also annually disclose cybersecurity risk management details. The aim is to protect investors and increase transparency. Delays are possible with U.S. Attorney General approval, with only rare extensions allowed. The rule’s main goal is to enhance cyber defenses and company transparency in managing cyber risks. The regulation also covers breaches through third-party applications.

Author:

AP news

Year:

2023

Domain: Governance & Institutions