- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-07-26T16:30:00
The Securities and Exchange Commission (SEC) on Wednesday finalized its controversial rule requiring public companies to disclose the nature, scope, timing, and impact of cybersecurity incidents deemed to be material within four business days.
The rule, proposed in March 2022, has received significant attention in the past year for the relatively short timeline it provides businesses to grasp the extent of a cybersecurity incident such as a data breach. Also short will be its compliance date, as large companies as soon as December could be required to begin making the new disclosures.
Smaller reporting companies will receive an additional 180 days to comply.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
Companies won’t have an easy path toward earning additional time from the Department of Justice regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission as required under a new rule.
Software company Blackbaud agreed to pay $49.5 million in a multistate settlement addressing charges related to a 2020 cyberattack that exposed the personal data of approximately 13,000 consumers.
Covington & Burling is leaving open the possibility of appealing a recent federal court order requiring the law firm to provide the names of hacked clients to the Securities and Exchange Commission.
Financial institutions holding Russian sovereign assets that have not reported them to the Treasury Department’s Office of Foreign Assets Control are now required to do so by Aug. 2.
Compliance officers should take note of proposed laws in the U.K. with the newly elected Labor government setting the legislative agenda in the King’s Speech last week, promising consultations on enhanced employee rights and a higher minimum wage.
Four federal banking regulators have joined the Treasury Department’s Financial Crimes Enforcement Network in issuing a notice of proposed rulemaking that would require financial institutions to conduct more thorough risk assessments on their anti-money laundering/countering the financing of terrorism programs.
