- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-08-02T19:57:00
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s (SEC) newly approved cybersecurity incident disclosure rule.
The intent of the 186-page final rule, adopted last week, is to make more information about material cybersecurity incidents available to investors—and quicker.
The rule follows guidance the SEC issued on cybersecurity incident disclosures in 2011 and 2018. While risk reporting and management have improved since then, disclosure practices across companies are “inconsistent,” which the new policy aims to address, the agency said in a fact sheet.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Cybersecurity and Infrastructure Security Agency.
Companies won’t have an easy path toward earning additional time from the Department of Justice regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission as required under a new rule.
The timing of a recent cyberattack against Clorox juxtaposed against the Securities and Exchange Commission’s adoption of its cybersecurity incident disclosure rule soon to take effect has presented a case study regarding how companies might seek to meet the requirements of the rule.
Mobile health applications and similar technologies must notify customers following a data breach or risk violating the Federal Trade Commission’s health breach notification rule.
Kristin Johnson of the Commodity Futures Trading Commission called for the agency to launch initiatives addressing the use—and misuse—of artificial intelligence tools in commodities markets.
Tens of millions of noncompete clauses included in employee contracts nationwide will be null and void by about Labor Day under a final rule issued by the Federal Trade Commission.
