Tweet
Yesterday the SEC announced that it has adopted new rules for cybersecurity risk management, strategy, governance, and incident disclosure by public companies. SEC registrants will now be required to disclose material cybersecurity incidents they experience and to disclose information regarding their cybersecurity risk management policies and governance.
For more detailed information on the rules you can find the press release here. If you have thoughts on the new rules-- like how they might relate to CISA's sector specific incident reporting law passed a couple of years ago, or are they are step in the right direction (or not)-- feel free to leave them here in this chain.
For more detailed information on the rules you can find the press release here. If you have thoughts on the new rules-- like how they might relate to CISA's sector specific incident reporting law passed a couple of years ago, or are they are step in the right direction (or not)-- feel free to leave them here in this chain.