SEC’s New Cybersecurity Rules Now in Effect

By

US-listed companies must now disclose breaches within 4 days.

New cybersecurity rules from the US Securities and Exchange Commission (SEC) went into effect on December 15, 2023, reports Todd Ehret.

The rules “introduce mandatory cyber-incident reporting requirements for all US-listed companies.”

These rules represent a significant shift in disclosure requirements, as “disclosures must be filed within four business days after a company determines that it has experienced a material cyber-incident,” Ehret says.

Companies also must “ensure that best practices are in place across the enterprise to prevent cyberattacks and ensure that a proper response plan is in place that effectively stops or quickly remediates real threats when attacked,” he notes.

Read more at Thomson-Reuters.
 
 
 

 
 
 

12/20/2023

Related content

  • Understanding Cybersecurity Maturity Model Certification
    United States Cybersecurity Maturity Model Certification will be required by mid-2023 to handle controlled unclassified information and win federal contracts, but it can also help minimize business risk and keep information out of the hands of adversaries.
  • News for Admins
    In the news: US Agencies Issue Quantum-Readiness Recommendations; Bitwarden Secrets Manager; IBM X-Force Releases Detection and Response Framework for Managed File Transfers; National Strategy to Expand US Cyber Workforce; SEC Adopts New Rules for Disclosure of Cybersecurity Incidents; Canonical Announces Real-Time Ubuntu for Intel Core; EU-US Data Privacy Framework Ensures Safe Data Transfers; IEEE Releases New Standard for LiFi Communications; EU Health Sector Security Risks; and JupyterLab 4.0.
  • Prepare Now for New Cybersecurity Regulations
  • Cybersecurity Apprenticeship Initiative Announced
  • Security and automation with SBOMs
    Already mandatory in the United States and recently approved in Europe thanks to new legislation, a software bill of materials provides information about software components, enabling IT managers to respond better to attacks and vulnerabilities.
comments powered by Disqus