The Securities and Exchange Commission (SEC) has adopted new rules requiring public companies to disclose within four days material cybersecurity breaches that could affect investors.
In a statement announcing the decision, SEC Chair Gary Gensler acknowledged that many public companies already disclose cybersecurity events to investors.
“I think companies and investors alike, however, would benefit if this disclosure were made in a more consistent, comparable and decision-useful way,” Gensler said. The rules will benefit investors, companies and the markets connecting them, he added.
Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Companies must also periodically spell out their efforts to manage, strategize and govern cyber attacks in cyberspace, the SEC said.
First proposed in March 2022, the rule is part of a broader SEC effort to reinforce the financial system against systems failure, data theft and cyber-intrusions.
- SEC Sues Coinbase and Binance, World's Two Largest Cryptocurrency Exchanges
- SEC Sues 2 Major Crypto Exchanges, Attempts to Regulate the Industry: Kiplinger Economic Forecasts
- SEC Sets Sights on Technologies That Encourage Excessive Trading
-
Target Is the Worst S&P 500 Stock After Earnings. Here's WhyTarget stock is down big after the retailer missed expectations for its third quarter and slashed its full-year outlook. Here's what Wall Street is saying.
-
Tax Credit vs. Tax Deduction: What’s the Difference?Tax Breaks Your guide to tax deductions and credits, how the IRS treats them differently, and how they impact your tax bill.
