News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Adrianne Appel2023-08-02T19:57:00
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s (SEC) newly approved cybersecurity incident disclosure rule.
The intent of the 186-page final rule, adopted last week, is to make more information about material cybersecurity incidents available to investors—and quicker.
The rule follows guidance the SEC issued on cybersecurity incident disclosures in 2011 and 2018. While risk reporting and management have improved since then, disclosure practices across companies are “inconsistent,” which the new policy aims to address, the agency said in a fact sheet.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
2024-05-14T12:00:00Z By Adrianne Appel
Large public companies say they are prepared to comply with the disclosure requirements of the SEC’s new cybersecurity incident rule, according to a survey conducted by Compliance Week and DLA Piper, but concerns exist that those reports could enhance the threat of future cyberattacks.
2024-03-28T20:52:00Z By Adrianne Appel
Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Cybersecurity and Infrastructure Security Agency.
2023-12-13T18:04:00Z By Kyle Brasseur
Companies won’t have an easy path toward earning additional time from the Department of Justice regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission as required under a new rule.
2024-07-24T15:50:00Z By Aaron Nicodemus
Financial institutions holding Russian sovereign assets that have not reported them to the Treasury Department’s Office of Foreign Assets Control are now required to do so by Aug. 2.
2024-07-23T12:29:00Z By Ruth Prickett
Compliance officers should take note of proposed laws in the U.K. with the newly elected Labor government setting the legislative agenda in the King’s Speech last week, promising consultations on enhanced employee rights and a higher minimum wage.
2024-07-22T15:50:00Z By Aaron Nicodemus
Four federal banking regulators have joined the Treasury Department’s Financial Crimes Enforcement Network in issuing a notice of proposed rulemaking that would require financial institutions to conduct more thorough risk assessments on their anti-money laundering/countering the financing of terrorism programs.
Site powered by Webvision Cloud