Security Incident Disclosures for Public Companies

Posted by BAS - 31 March, 2022

header-picture

The Securities and Exchange Commission (SEC) issued proposed rules which, if finalized, would change disclosures of cybersecurity incidents and risk management. The proposed rules apply to public companies that are subject to the Securities and Exchange Act of 1934.

The rules are intended to standardize disclosures about cybersecurity risk management, strategy, governance and incident reporting. They require periodic disclosures about a company’s policies and procedures to identify and manage cybersecurity risk, management’s role in implementing cybersecurity policies and procedures, and the board of directors’ cybersecurity expertise and oversight of risk.

The proposed rule may be accessed by clicking here.

Topics: MyEnroll360 Security, HR & Benefit Plans, HR & Benefits News, Technology News


Recent Posts

Question of the Week - Distribution of COBRA Initial Rights Notice

read more

Cybersecurity Alert: Rising Social Engineering Threats to IT Help Desks

read more

ACA Hours Upload in MyEnroll360

read more