Newsnews
News

SEC’s New Cybersecurity Disclosure Rules: What Businesses Need To Know

Written by: Sherilyn Beall | Published: 18 December 2023 | Modified: 5 March 2024
secs-new-cybersecurity-disclosure-rules-what-businesses-need-to-know
News

Publicly-owned companies in the U.S. are now required to adhere to new cybersecurity disclosure rules set by the SEC. These rules demand the reporting of “material” cyber incidents within 96 hours. The implications of non-compliance are significant, as organizations could face penalties from the U.S. Securities and Exchange Commission (SEC).

Key Takeaway

The SEC’s new cybersecurity disclosure rules require publicly-owned companies to report “material” cyber incidents within 96 hours. Non-compliance can result in significant consequences, and companies must ensure timely and accurate reporting to avoid penalties.

Reporting Requirements

Under the new regulations, organizations must report cybersecurity incidents, including data breaches, to the SEC within four business days. This information should be included in a specific line item on a Form 8-K report. The aim of these rules is to enhance transparency in cybersecurity governance and provide consistent and comparable disclosure for the benefit of investors and companies.

Disclosure Details

Companies must describe the nature, scope, timing, and material impact of the breach in their 8-K filing. Notably, the regulation does not mandate the disclosure of information regarding the incident’s remediation status, ongoing recovery efforts, or compromised data.

Extensions and Exceptions

Smaller companies have been granted a 180-day extension before they must file their Form 8-K. Additionally, there is an exception to the four-day deadline for larger organizations if premature disclosure could pose a substantial risk to national security or public safety, as determined by the U.S. attorney general.

Consequences of Non-Compliance

Failure to comply with the new rules can lead to various consequences, including financial penalties, legal liabilities, reputational damage, loss of investor confidence, and regulatory scrutiny. Recent actions by the SEC against companies and individuals have demonstrated the seriousness of non-compliance.

Pushback and Concerns

Some companies have expressed concerns about the short reporting window and the SEC’s definition of “material incidents.” There is also apprehension that the breadth of information required to be disclosed may provide insight to hackers. In a concerning development, hackers have already exploited the new rules to file complaints against their victims.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Related Posts

How SEC’s Climate Disclosure Rule Could Boost A New Class Of Climate Startups
News

How SEC’s Climate Disclosure Rule Could Boost A New Class Of Climate Startups

by Malanie Walls | 6 March 2024
SEC’s New Cyber Reporting Rules And The Increasing Legal Oversight In Cybersecurity
News

SEC’s New Cyber Reporting Rules And The Increasing Legal Oversight In Cybersecurity

by Idell Rood | 18 January 2024
What Is Title III Crowdfunding Rules
FINTECH

What Is Title III Crowdfunding Rules

by Charlena Deberry | 7 November 2023
The SEC’s Proposed Rules On Investment Adviser Obligations Could Create Regulatory Risks For Fintech Startups
News

The SEC’s Proposed Rules On Investment Adviser Obligations Could Create Regulatory Risks For Fintech Startups

by Dode Roden | 25 October 2023
How Is Fintech Regulated
AI

How Is Fintech Regulated

by Neilla Pete | 19 September 2023
How Is Bitcoin Regulated
FINTECH

How Is Bitcoin Regulated

by Shawnee Danielson | 6 November 2023
Grayscale CEO Optimistic About Approval Of Spot Bitcoin ETF Applications
News

Grayscale CEO Optimistic About Approval Of Spot Bitcoin ETF Applications

by Naoma Blanco | 11 January 2024
SEC Commissioner Hester Peirce Remains Committed To Token ‘Safe Harbor’ Proposal
News

SEC Commissioner Hester Peirce Remains Committed To Token ‘Safe Harbor’ Proposal

by Malanie Walls | 8 February 2024

Recent Stories

How to Use Email Blasts Marketing To Take Control of Your Market
How-To Guides

How to Use Email Blasts Marketing To Take Control of Your Market

by Sherilyn Beall | 10 May 2024
Learn To Convert Scanned Documents Into Editable Text With OCR
Software Tutorials

Learn To Convert Scanned Documents Into Editable Text With OCR

by Sherilyn Beall | 26 April 2024
Top Mini Split Air Conditioner For Summer
Buyer's Guides

Top Mini Split Air Conditioner For Summer

by Sherilyn Beall | 26 April 2024
Comfortable and Luxurious Family Life | Zero Gravity Massage Chair
Buyer's Guides

Comfortable and Luxurious Family Life | Zero Gravity Massage Chair

by Sherilyn Beall | 26 April 2024
Fintechs and Traditional Banks: Navigating the Future of Financial Services
General Fintech

Fintechs and Traditional Banks: Navigating the Future of Financial Services

by Sherilyn Beall | 18 April 2024
AI Writing: How It’s Changing the Way We Create Content
AI

AI Writing: How It’s Changing the Way We Create Content

by Sherilyn Beall | 3 April 2024
How to Find the Best Midjourney Alternative in 2024: A Guide to AI Anime Generators
Digital Media & Creative Tech

How to Find the Best Midjourney Alternative in 2024: A Guide to AI Anime Generators

by Sherilyn Beall | 28 March 2024
How to Know When it’s the Right Time to Buy Bitcoin
Cryptocurrency

How to Know When it’s the Right Time to Buy Bitcoin

by Sherilyn Beall | 28 March 2024