Cybersecurity incidents are constantly in the news these days, but you’ll soon be hearing about a lot more of them. That’s because a new rule from the Securities and Exchange Commission went into effect on Monday, requiring all public companies to report data breaches in just four days.
The new SEC rule requires public companies to submit a government filing within four business days of determining a cybersecurity incident “material.” In 23andMe’s data breach, users found out in December that 6.9 million people had their biodata exposed, even though the hack happened in early October.
Read more…
Source: Gizmodo
- Related: Why imminent SEC cyber rule changes means cyber security leadership must come from the very top