5 resolutions to prepare for SEC’s new cyber disclosure rules
The most notable example is the US Securities and Exchange Commission's new rules on cybersecurity risk management, strategy, governance and incident disclosure.
The new disclosure rules are designed to provide investors with a greater understanding of the risks a listed company faces from cyber threats and the level of controls in place to mitigate that risk.
The SEC has recognized the importance of cybersecurity risk management and is using these rules to formalize the discipline.
Why? Per the new SEC rules, companies must now report details of their cybersecurity program as part of their official corporate filings.
Material cybersecurity incidents must be reported within four days of their occurrence using the SEC Form 8-K.
The details of the cybersecurity program must be included in the company's annual report, SEC Form 10-K.
Increase focus on incident detection and response: Security monitoring must be continually enhanced to detect and block suspicious cyber activity against network, system, and application assets.
Deputize the company: Everyone in a company must understand the importance of complying with the new SEC rules.
News URL
https://www.helpnetsecurity.com/2023/11/29/sec-cyber-disclosure-rules-importance/