SEC Proposes New Cybersecurity Disclosure Rules on Incident Reporting, Risk Management, Strategy, and Governance
The U.S. Securities and Exchange Commission proposed rules that will require public disclosure not only of cybersecurity incidents, but also of aspects of public companies' preparedness for cyber threats. The proposed rules set a short time frame for reporting "material" compromises, and the rules do not provide for delayed disclosure at the request of law enforcement or other investigators.
The comment period for the proposed rules ends on May 9, 2022.
Perkins on Privacy
Perkins on Privacy provides updates and insights on an array of privacy and data security legal issues, brought to you by Perkins Coie’s Chambers-ranked Privacy & Security practice. Subscribe 🡢