Proposed amendments to current SEC rules would enhance and standardize public company disclosures regarding cybersecurity risk management, strategy, governance and incident reporting.
Specifically, the amendments propose requiring current reporting about material cybersecurity incidents that can result in potential costs and damage.
The SEC amendments also propose requiring periodic disclosures about a registrant’s policies and procedures to identify and manage cybersecurity risks, management’s role in ensuring those policies and procedures and the board of directors’ oversight of any cybersecurity risks. Learn more.