News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Adrianne Appel2023-08-02T19:57:00
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s (SEC) newly approved cybersecurity incident disclosure rule.
The intent of the 186-page final rule, adopted last week, is to make more information about material cybersecurity incidents available to investors—and quicker.
The rule follows guidance the SEC issued on cybersecurity incident disclosures in 2011 and 2018. While risk reporting and management have improved since then, disclosure practices across companies are “inconsistent,” which the new policy aims to address, the agency said in a fact sheet.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
2024-05-14T12:00:00Z By Adrianne Appel
Large public companies say they are prepared to comply with the disclosure requirements of the SEC’s new cybersecurity incident rule, according to a survey conducted by Compliance Week and DLA Piper, but concerns exist that those reports could enhance the threat of future cyberattacks.
2024-03-28T20:52:00Z By Adrianne Appel
Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Cybersecurity and Infrastructure Security Agency.
2023-12-13T18:04:00Z By Kyle Brasseur
Companies won’t have an easy path toward earning additional time from the Department of Justice regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission as required under a new rule.
2024-10-22T14:37:00Z By Aaron Nicodemus
The Department of Justice (DOJ) has proposed a new rule that would regulate the use of Americans’ personal information by foreign companies and foreign persons in six “countries of concern,” prohibiting and restricting the sale of data to thwart the use of data for cyber-enabled activities, espionage, coercion, influence and ...
2024-10-17T17:42:00Z By Adrianne Appel
New York financial institutions are expected to address cybersecurity risks posed by artificial intelligence (AI), and new guidance from the New York Department of Financial Services is aimed at helping firms do just that.
2024-10-17T16:22:00Z By Neil Hodge
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Site powered by Webvision Cloud