SEC disclosure rule for ‘material’ cybersecurity incidents goes into effect Publicly traded companies are now required to disclose “material” cybersecurity incidents to the U.S. Securities and Exchange Commission, after the new agency rule went into effect Monday. While the SEC’s rule is aimed at providing investors with information on potential risks to replace the inconsistent disclosures of major incidents, the controversial rulemaking has garnered criticism from industry, Republican lawmakers and some cybersecurity experts. The implementation of the rule comes at a time when there are few breach reporting requirements, a fact that largely leaves government and policymakers without basic information on the current landscape. https://hubs.li/Q02dlftf0 #cybersecurity #datasecurity
Ostendio’s Post
More Relevant Posts
-
The SEC's recent amendments to Regulation S-P are shaking up how Registered Investment Advisers (RIAs) handle data breaches. Effective 60 days post-publication, these updates mandate comprehensive incident response programs and swift client notifications within 30 days of detection. For RIAs, this means more than just compliance—it's about bolstering cybersecurity to protect client data and trust. Are you prepared for these changes? Dive into our latest blog to navigate the new landscape and ensure your firm stays ahead: https://lnkd.in/g27Dk4qZ #SEC #Cybersecurity #RIA #DataBreach #Compliance #FinancialAdvisory #InvestmentManagement
To view or add a comment, sign in
-
I ask BD/RIA firms all the time whom you want to want to write the check to for their data breaches. The Pirates? The regulators (fed, state, or both)? What is your clients' data worth and your reputation? Take a look at the latest blog from Visory
The SEC's recent amendments to Regulation S-P are shaking up how Registered Investment Advisers (RIAs) handle data breaches. Effective 60 days post-publication, these updates mandate comprehensive incident response programs and swift client notifications within 30 days of detection. For RIAs, this means more than just compliance—it's about bolstering cybersecurity to protect client data and trust. Are you prepared for these changes? Dive into our latest blog to navigate the new landscape and ensure your firm stays ahead: https://lnkd.in/g27Dk4qZ #SEC #Cybersecurity #RIA #DataBreach #Compliance #FinancialAdvisory #InvestmentManagement
To view or add a comment, sign in
-
🚨 Is your business ready for the new US cyberattack disclosure rules? Our CEO, Israel Mazin, shares vital insights with Dave Gordon from DX Journal on the imperative of robust cybersecurity defenses amid looming legal and reputational risks. These regulations, requiring businesses to report breaches to the U.S. Securities and Exchange Commission within four days, signal a pivotal shift. How will this affect your strategy? Dive into the discussion and uncover key strategies for navigating these waters: https://lnkd.in/gFTGU6Jg #Cybersecurity #SEC #DataBreach
To view or add a comment, sign in
-
The SEC has recently updated its cybersecurity reporting requirements, a significant shift that will affect public companies and investors alike. The attached article provides an essential breakdown of the new rules and what they mean for compliance and transparency in financial reporting. These changes are pivotal. They underscore the need for robust cybersecurity measures and transparent disclosures to protect investor interests and market integrity. Enhanced reporting rules not only improve cybersecurity practices but also build investor confidence. 🔗 Stay informed about these crucial developments by reviewing the SEC's official document: https://buff.ly/3WbKfK4 #Cybersecurity #FinanceLaw #SECRules #CorporateCompliance #InvestorProtection
To view or add a comment, sign in
-
“Empowering Resilience: Business Continuity & IT Disaster Recovery Specialist 🛡️ | Driving Stability and Preparedness in IT Infrastructure | 30+ Years of IT Excellence | IAMCP & IEEE Member”
Similar to the rules put forth by the New York Department of Financial Services, back in May of this year, the SEC updated its rules regarding cybersecurity incident responses and reporting. 📊 Broker-dealers, investment companies, registered investment advisors, and others are now required to maintain incident response programs. These programs need to detect, respond to, and recover from cyber theft of customers' personal data. Part of this involves notifying individuals that their information may have been accessed by unauthorized persons. From May, companies affected by the rulings have 18 months to 2 years to implement the changes. These are now standard procedures. The reality is that if you have a robust cybersecurity program in place, you’ll likely meet all of these rules as they come into effect. Have you met these rules, or are you ready to? #CyberSecurity #Compliance #SEC #IncidentResponse #DataProtection
To view or add a comment, sign in
-
Accounting and Finance Leader | Exec Advisor to the SEC, ESG, and SOX Pro Groups | Accounting Enthusiast and Diet Coke Aficionado
Cybersecurity continues to trip up financial reporting teams and their attorneys as the SEC issues yet ANOTHER clarifying statement. 🚒👨🚒🔥 For background, the SEC's Regulation FD (fair disclosure) seeks to keep a level playing field such that companies cannot privately disclose material information to some shareholders and investors without making it public to everyone else. It seems that companies are mistakenly worried that under Reg FD they could be in hot water with the SEC for publically disclosing a cyber incident and then sharing more details with IT experts and others who can help them fix it without making those additional details public. Yesterday's statement puts this misconception to rest, but it's highly surprising that the SEC needed to clarify this in the first place. 🤔 This is the second piece of guidance in as many months that the SEC has issued on cybersecurity, which tells me that companies seem to be stuck on the struggle-bus in applying this rule. If you haven't synced up with your IT, legal, and other teams to proactively determine how you'd respond to a cyber incident, you might find yourself on the struggle bus-too! 🚌 Now's the time to sync up with these teams and get a plan in place. Director Gerding's statement: https://lnkd.in/eQ3Cjv5C #SECReportingisLIT #cybersecurity #financialreporting
To view or add a comment, sign in
-
SEC Clarifies Rules on Disclosure of Cybersecurity Incidents: Here’s What You Need to Know: Originally published by BARR Advisory.The Securities and Exchange Commission (SEC) recently published updated guidance for public companies on how and when to disclose cybersecurity incidents.Issued as a follow-up to new rules adopted by the commission last year, the updated guidance is intended to provide businesses with increased clarity on how to report security breaches as well as minimize confusion among investors about what constitutes a “material” incident.Here’s everything you need to...
SEC Updated Guidance on Cybersecurity Disclosures | CSA
To view or add a comment, sign in
-
The New York Department of Financial Services recently amended its #cybersecurity regulation. The revisions aim to strengthen cybersecurity and technology controls to address evolving threats to consumer data and ensure the continued integrity of financial systems. Here are a few key elements of the amendments to the Regulation and potential impacts on financial institutions.
New York amends Cybersecurity Regulation that applies to financial services industry | JD Supra
To view or add a comment, sign in
-
As the SEC clarifies its rules around cybersecurity disclosures, finding the balance between transparency and safeguarding sensitive information is crucial. Wheelhouse Advisors emphasizes the importance of robust internal controls and clear communication channels in navigating these evolving regulations. #SEC #Cybersecurity
SEC Clarifies Cybersecurity Incident Disclosure Rules: Key Takeaways for Companies — Wheelhouse Advisors
wheelhouseadvisors.com
To view or add a comment, sign in
-
In Dark Reading, Lowenstein partner Kathleen McGee highlights the importance of the U.S. Securities and Exchange Commission's breach disclosure rule, emphasizing that companies with robust security processes and policies are better positioned to navigate enforcement actions and ultimately contribute to the rise of more security-aware organizations. Read the full article: https://bit.ly/3TciTBG Read Kathleen’s bio: https://lnkd.in/dfiGHN2m #cybersecurity #databreach #securitybreach #dataprotection #privacylaw
To view or add a comment, sign in
3,357 followers