The Chainkeen ExchangeU.S. Securities and Exchange Commission announced new rules yesterday requiring public companies to disclose cybersecurity incidents as soon as four business days.
SEC Chair Gary Gensler said the disclosure "may be material to investors" and could benefit them, the companies and markets connecting them.
“Currently, many public companies provide cybersecurity disclosure to investors. I think companies and investors alike, however, would benefit if this disclosure were made in a more consistent, comparable, and decision-useful way," he said.
The new rules were proposed in March 2022 after the SEC noted the increase in cybersecurity risks following the way companies pivoted toward remote work, moving more operations online, use of digital payments, increased reliance on third-party service providers for services like cloud computing technology, and how cyber criminals are able to monetize cybersecurity incidents.
Under the new rules, companies are required to fill out the brand new 8-K form, which will have Item 1.05 added to disclose cybersecurity incidents. It will require disclosing and describing the nature, scope, and timing of the incident, material impact or reasonably likely material impact, including the financial condition and results of operations.
If the incident will have a significant effect, then the company has to report it in four days. But if the U.S. Attorney General deems the immediate disclosure a risk to national security or public safety, disclosure could be delayed.
The new regulation requires companies to describe their process assessing cybersecurity threats, how their board of directors oversee cybersecurity threats, and how management assesses the threat.
Foreign companies will use the amended 6-K form to disclose cybersecurity incidents and the amended 20-F form for periodic disclosure.
In this year's "Cost of a Data Breach Report" by IBM Security, the average cost of a data breach in 2023 was $4.45 million, a 2.3% increase from 2022 when it was $4.35 million. The United States has lead the way for 13 consecutive years in highest data breach costs. This year, the Middle East, Canada, Germany and Japan also made up the top five countries with the most expensive data breaches.
During ransomware attacks, companies that excluded law enforcement paid 9.6% more and experienced a longer breach at 33 days.
Only one-third of the companies found data breaches themselves, while the rest were reported by the attackers themselves or by a third party. Among industries, health care had the highest data breach costs in the U.S. this year, followed by the financial, pharmaceutical, energy, and industrial sectors in order.
2025-04-30 05:391852 view
2025-04-30 05:18186 view
2025-04-30 05:061112 view
2025-04-30 04:421979 view
2025-04-30 04:23491 view
2025-04-30 03:371630 view
Danielle Waterfield was already dealing with the shock and disappointment of being fired from a job
When the uncrewed orbiter reaches the moon by 2030, it will begin the task of mapping and scanning a
Joan Vassos is stepping into the spotlight as the first-ever "Golden Bachelorette" with the new seri
