Search common contracting language and take a deeper dive to discover what each means
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Disclosure Rules require public companies to disclose material cybersecurity risks and incidents in their public filings. These rules apply to all companies that are publicly traded in the United States, regardless of their size or industry.
Under the SEC Cybersecurity Disclosure Rules, companies are required to disclose their cybersecurity risks and incidents if they are material to their business or financial condition. Materiality is determined by considering the nature, extent, and potential impact of the cybersecurity risk or incident on the company's operations, reputation, or financial condition.
The latest news on the SEC cybersecurity disclosure rules is that the SEC has recently announced that it will be reviewing the effectiveness of the current rules in light of the increasing frequency and sophistication of cybersecurity incidents. The SEC has also indicated that it may update its guidance on cybersecurity disclosures to provide greater clarity and consistency for companies.