Biden will veto attempts to kill off SEC's security breach reporting rules

2024-02-01 17:15

The Biden administration has expressed to congressional representatives its strong opposition to undoing the Securities and Exchange Commission's strict data breach reporting rule.

The SEC's rule require public companies hit by cybercriminals to report the incident within four days.

Tillis, in a brief comment on Garbarino's release, only described the SEC's reporting rule as Commission chair Gary Gensler doing his best "To hurt market participants by overregulating firms into oblivion," with an onerous rule "That creates unrealistic timelines and unnecessary red tape that will ultimately make markets less safe overall."

President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act into law in March 2022, but CISA had 24 months from passage to present a rule for consideration, which it has yet to do.

CIRCIA asked CISA to give cybersecurity incident victims a mere 72 hours - three days - to report a breach.

In the meantime, the FTC and SEC have taken matters into their own hands, which appears to be helping - we've even been able to report on breaches at companies like HPE thanks to SEC reports.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/02/01/senate_resolution_to_undo_sec/

#breach #SEC #security

News URL

Related news