The US Securities and Exchange Commission (SEC) has implemented new rules that require public companies to promptly disclose material cyber incidents. CFOs are now responsible for disclosing significant cyber incidents within a four-day window. The SEC’s new cybersecurity disclosure rules require public companies to disclose any cybersecurity incident determined to be material within four business days of confirmation.

CFOs need to work closely with Chief Information Security Officers (CISOs) to determine the materiality of cybersecurity incidents and establish effective communication channels. Companies are also required to include cybersecurity management information in their annual reports, and CFOs play a crucial role in ensuring that these reports accurately reflect the company’s cybersecurity practices.

Non-compliance with the SEC’s cybersecurity disclosure rules can have serious consequences, including SEC penalties, investor lawsuits, reputational damage, and financial losses.

CFOs can prepare for the four-day disclosure window by understanding what constitutes a material incident, building a cybersecurity response team, implementing effective incident response processes, providing regular training and awareness programs for employees, engaging external experts to assess cybersecurity practices, and continuously monitoring and improving cybersecurity defenses.

Compliance with the SEC’s cybersecurity disclosure rules can enhance a company’s reputation, build investor trust, and mitigate the financial risks associated with cyberattacks. It also demonstrates a commitment to cybersecurity and can attract potential investors who prioritize sound cybersecurity practices.
CFOs, unlock insights on SEC’s brief 4-day disclosure window