Demystifying the SEC’s Enhanced Cybersecurity Disclosure Requirements

 

The SEC (Securities and Exchange Commission) recently issued a regulation that imposes a greater level of transparency regarding cybersecurity risk management, governance, and incident reporting and response. Under the rule, public companies listed on U.S. stock exchanges must comply with cyber risk management and incident disclosure requirements starting mid-December 2023 (or early spring 2024 for small companies that meet the qualification criteria).
Because the new rule requires companies to disclose features of their security programs to the public, companies that proactively identify and fix vulnerabilities will have an advantage.

By providing investors with information about public companies’ cybersecurity risk management, the SEC aims to help them make informed investment decisions for their hard-earned money. 

As security becomes increasingly important to corporate governance, investors can use a company’s security maturity as a market differentiator.

The regulatory authorities have taken a significant step towards improving cybersecurity disclosures for public companies by adopting new rules designed to give investors comprehensive and standardized information about how cybersecurity risks should be managed, strategies implemented, governance processes adopted, and incidents reported. 

The new rule

[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
