The No. 1 priority at the Securities and Exchange Commission (SEC) after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to the agency’s enforcement head.
The SEC understands firms have to make quick decisions when responding to a cyberattack, including around disclosures, said Gurbir Grewal during a speech at a cyber resilience summit on June 22.
