Public companies would be required to disclose more extensive information to investors about their cybersecurity practices and incident reporting under new amendments being proposed by the Securities and Exchange Commission.
In a news release, the SEC provided details of the proposed amendments that would be required for companies subject to the Securities Exchange Act of 1934. The commission said the proposals are intended to better inform investors about companies’ risk management and strategy, and to notify investors of significant cybersecurity incidents on a timely basis.
Among other things, companies would be required to provide current reporting about material cybersecurity incidents and periodic reporting with updates on previously reported cybersecurity incidents.
Registrants would have to report periodically on their policies and procedures for managing cybersecurity risks, as well as their board of directors’ oversight of cybersecurity risk, and their management’s role and expertise in managing cybersecurity risks.
In supporting the proposal, SEC Chair Gary Gensler cited the emerging risk cybersecurity threats present to companies and investors. “Investors want to know more about how issuers are managing those growing risks,” said Gensler. “A lot of issuers already provide cybersecurity disclosure to investors. I think companies and investors alike would benefit if this information were required in a consistent, comparable, and decision-useful manner.”
The proposed amendments will be open for a public comment period after they are published on the SEC’s website and in the Federal Register.
The attorneys at Lewitas Hyman include former senior attorneys at the SEC whose legal experience and industry knowledge make them uniquely qualified to provide counsel on securities regulatory, compliance and enforcement matters. We regularly monitor SEC, FINRA and other self-regulatory organization rule-making activities to help ensure that our clients are aware of any new policies, while assisting them in implementing any recommended changes. If your firm is facing an investigation from a regulatory agency, please contact Lewitas Hyman at (888) 655 6002 or through our online contact form.
