New SEC rule requires public companies to disclose cybersecurity breaches in 4 days

The Securities and Exchange Commission adopted rules Wednesday to require public companies to disclose within four days all cybersecurity breaches that could affect their bottom lines. Delays will be permitted if immediate disclosure poses serious national security or public safety risks.

The new rules, passed by a 3-2 vote, also require publicly traded companies to annually disclose information on their cybersecurity risk management and executive expertise in the field.

Read more…
Source: The Independent