The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted rules requiring foreign private issuers to make comparable disclosures. “Whether a company loses a factory in a fire — or millions of files in a cybersecurity incident — it may be material to investors,” said SEC … More
The post SEC adopts new cybersecurity incident disclosure rules for companies appeared first on Help Net Security.