SEC Releases New Cybersecurity Guidance

Feb 23, 2018

SEC Releases New Cybersecurity Guidance

BY Chris Brunau

The SEC has issued a new guidance for companies regarding data breach disclosures.

According to SEC Chairman Jay Clayton, the guidance highlights the disclosure requirements under federal securities law that public operating companies must adhere to with respect to cybersecurity risks and incidents. Additionally, the guidance addresses the importance of policies and procedures related to disclosure controls and procedures, insider trading, and selective disclosures.

Clayton and the SEC urge companies take all required steps to inform investors about cybersecurity risk and incidents in a timely fashion.

In 2011, the SEC’s Division of Corporation Finance first published guidance about disclosing cybersecurity risks, but the frequency of data breaches has increased with some high-profile breaches including the NSA, Uber, and Equifax.

For more information, check out the official press release from the SEC.

Subscribe to the Blog