SEC's New Cybersecurity Disclosure Rules Now in Effect

Burr & Forman

Burr & Forman

In September, the Securities Exchange Commission’s new Cybersecurity Rule for reporting public companies became effective. The SEC Cybersecurity Rule applies to public companies and generally requires (1) disclosure of material cybersecurity incidents on Form 8K within four days, (2) the firm’s risk assessment and management efforts, and (3) management’s involvement and board’s oversight of these issues. It became effective Sept. 5, 2023, but has various compliance dates depending upon particular issues and company size. Exchange Act Release No. 97989 is here.

The SEC has a pending rule proposal that would impose similar requirements upon Wall Street firms. The industry cybersecurity rule, if adopted, generally will require (1) written policies and procedures to assess and manage cybersecurity risks and incidents, (2) immediate notice to the SEC of “significant incidents,” and (3) public disclosures to provide greater transparency around cybersecurity risks. The Proposal, Exchange Act Release No. 97142, is here.

In its Sept. 27 Corporate Notice, the Financial Industry Regulatory Authority (“FINRA”) shined a light on its various cybersecurity efforts. FINRA recently updated its Small Firm Cybersecurity Checklist – a resource for firms establishing or assessing their cybersecurity programs. 

FINRA also offers a Firm Checklist for Compromised Accounts. General resources are collected on FINRA’s Cybersecurity topic page.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Burr & Forman | Attorney Advertising

Written by:

Burr & Forman

Burr & Forman on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide