SEC Reinforces and Expands Its Cybersecurity Guidance for Public Companies

By CircleID Reporter

The Securities and Exchange Commission has issued an updated guidance for public companies in preparing disclosures about cybersecurity risks and incidents. SEC Chairman Jay Clayton said: "The guidance highlights the disclosure requirements under the federal securities laws that public operating companies must pay particular attention to when considering their disclosure obligations with respect to cybersecurity risks and incidents. It also addresses the importance of policies and procedures related to disclosure controls and procedures, insider trading, and selective disclosures. ... I believe that providing the Commission’s views on these matters will promote clearer and more robust disclosure by companies about cybersecurity risks and incidents, resulting in more complete information being available to investors." SEC voted unanimously to approve the guidance on Tuesday according to the released statement.

Related topics: Cyberattack, Cybercrime, Cybersecurity, Policy & Regulation