SEC PROPOSES MANDATORY CYBERSECURITY DISCLOSURE RULES FOR PUBLIC COMPANIES
On March 9, 2022, the Securities and Exchange Commission (SEC) released proposed amendments that would require U.S. public companies to make prescribed cybersecurity disclosures. The proposed amendments are intended to strengthen investors’ ability to better evaluate public companies' cybersecurity practices and incident reporting by requiring:
The proposed amendments also require foreign private issuers to provide cybersecurity disclosures consistent with the disclosure that is proposed for U.S. public companies in their annual reports and provide comparable incident reporting.
A Fact Sheet is available here.
Comments are to be submitted to the SEC by May 9, 2022.
For more information, contact Adrian Walrath.