Publicly traded companies must annually report their processes for spotting, judging and mitigating cybersecurity threats...In addition to the annual reports, starting on Dec. 18, all publicly traded companies must disclose material cybersecurity incidents to the SEC within four days if the incident is determined to be material.
CISOs, CFOs and other business leaders can prepare for these rules going into effect by drafting new disclosures well before the end of the fiscal year so that all relevant employees have the chance to review them...Now, those organizations are asking what they need to alter or enhance about their disclosure procedures, incident response and existing cyber capabilities.
[
add
]
[
|
|
...
]