×
Newsmax TV & Webwww.newsmax.comFREE - In Google Play
VIEW
×
Newsmax TV & Webwww.newsmax.comFREE - On the App Store
VIEW
Tags: sec | cybersecurity | hacks | regulation | four days

SEC to Require Hacks to Be Reported Within Four Days

breach
(Dreamstime)

Wednesday, 09 March 2022 11:02 AM EST

Wall Street's watchdog voted to unveil a rule on Wednesday that aims to enhance how public companies disclose when they experience a breach, and how soon.

Under the proposed Securities and Exchange Commission (SEC) measures, a company would have to spell out when it experiences a risk and what strategies it has employed to address and manage such risks in current report filings, including Form 8-K.

The rule changes, which are subject to public consultation, would also require an analysis of how the cyber risks are likely to affect the company's financials. This would allow investors to assess these risks more effectively, and to locate them more readily, the SEC said.

The 3-1 vote by the commission to issue changes comes at a time of growing regulatory concern about how cyber security issues could affect markets and investors. Regulators have warned, for example, of cyber attacks from Russia in retaliation for Western sanctions.

President Joe Biden's administration has also ratcheted up its focus on the issue after a recent series of high-profile cyber attacks on U.S.-based companies.

"The interconnectedness of our networks, the use of predictive data analytics and the insatiable desire for data are only accelerating, putting our financial accounts, investments, private information at risk," SEC Chair Gary Gensler said on Wednesday.

"They're like honeypots sitting inside of companies and investors want to know more about how issuers are managing those growing risks."

Wednesday's measure would also require updates in periodic reports to give investors more complete information on previously disclosed, material cybersecurity incidents, the agency said.

The proposals would build on existing SEC cyber risk guidance, which is set to remain in effect, even under the SEC's new rules, an agency official told reporters.

"How a company might think about the impact (of a breach) to management's discussion and analysis of financial conditions ... should still be taken into consideration," the official added.

The SEC has long warned companies that materiality of a cyber breach should not be limited to the quantitative impact on revenue or assets, but should consider qualitative factors that a reasonable investor would consider in making decisions.

Republican Commissioner Hester Peirce, who dissented on the proposal, said the move goes beyond the agency's mission.

"This proposal flirts with casting us as the nation's Cybersecurity Command Center -- a role Congress didn't give us," she said.

© 2024 Thomson/Reuters. All rights reserved.


StreetTalk
Wall Street's watchdog voted to unveil a rule on Wednesday that aims to enhance how public companies disclose when they experience a breach, and how soon.
sec, cybersecurity, hacks, regulation, four days
391
2022-02-09
Wednesday, 09 March 2022 11:02 AM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
 
Get Newsmax Text Alerts
TOP

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
MONEYNEWS.COM
© Newsmax Media, Inc.
All Rights Reserved
NEWSMAX.COM
MONEYNEWS.COM
© Newsmax Media, Inc.
All Rights Reserved