New SEC Cybersecurity Reporting Rules Take Effect
Ericom, Tuesday, January 2th, 2024
In July 2023 the US Security and Exchange Commission (SEC) issued new rules on 'Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure.
' Most of the new rules took effect before the end of 2023, so businesses that are required to submit filings to the SEC need to take steps to ensure they are in compliance with those rules.
In the press release announcing the new cybersecurity rules, SEC Chairman Gary Gensler said,
Whether a company loses a factory in a fire - or millions of files in a cybersecurity incident - it may be material to investors. Currently, many public companies provide cybersecurity disclosure to investors. I think companies and investors alike, however, would benefit if this disclosure were made in a more consistent, comparable, and decision-useful way. Through helping to ensure that companies disclose material cybersecurity information, today's rules will benefit investors, companies, and the markets connecting them.