in ,

Report: Proposed SEC Rules to Help Strengthen Public Companies’ Ability to Combat Cyberthreats

Report: Proposed SEC Rules to Help Strengthen Public Companies' Ability to Combat Cyberthreats - top government contractors - best government contracting event

A report released by the National Association of Corporate Directors, Cyber Threat Alliance and SecurityScorecard says the Securities and Exchange Commission’s proposed cyber risk and incident disclosure requirements for public companies would help improve the ability of such businesses, advisers and funds to counter cybersecurity threats and carry out risk mitigation measures.

“The SEC’s actions in the past year, paired with recently released rules, draw a line under the critical role of management and boards in protecting not just investors and customers, but also the sound functioning of American business,” Friso van der Oord, senior vice president of content at NACD, said in a statement published Thursday.

On Feb. 9, the commission introduced rules that would require advisers and funds to report major cyber incidents within 48 hours and implement cyber procedures and policies to mitigate operational risks.

A month later, SEC proposed to amend rules to improve and standardize disclosures by public companies regarding incident reporting, cybersecurity risk management, governance and strategy. Comments on the proposed rules are due May 9.

The report includes a discussion of risks associated with third parties that have access to confidential data and covers recent cases in which SEC initiated actions after organizations failed to submit suspicious activity reports and disclosures or gave misleading statements on a cyberattack.

“It’s important that publicly traded companies appropriately disclose that risk so that investors can make informed decisions; in turn, better informed decisions create the market incentive for increased security across the ecosystem,” said Michael Daniel, president and CEO of CTA.

Sachin Bansal, chief business and legal officer at SecurityScorecard, highlighted the need for organizations to have continuous visibility into cyber vulnerabilities.

“Organizations need an automated, integrated and collaborative approach to gaining this visibility – it’s crucial to business continuity and to adhering to the new policies and procedures set forth by the SEC,” Bansal added.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity

mm

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

Lockheed's Atherton Carty on Advancement in Hypersonics Development - top government contractors - best government contracting event
Lockheed’s Atherton Carty on Advancement in Hypersonics Development
Northrop Teams With Ansys on Space Force Radar Development - top government contractors - best government contracting event
Northrop Teams With Ansys on Space Force Radar Development