By WK Editorial Staff
Regulated entities will need to be prepared to comply with the Securities and Exchange Commission’s cyber incident reporting in short order, with the requirement that material cybersecurity incidents be disclosed within four days kicking in on Dec. 18 (smaller reporting companies have until June 15, 2024). Wolters Kluwer Privacy Law Analyst Tony Foley details the new incident disclosure, annual disclosure, and risk management and governance aspects of the SEC’s new cybersecurity rules in this new Strategic Perspective, with commentary from Danette Edwards, partner and co-chair of the securities enforcement defense practice at Katten Muchin Rosenman LLP.
You can read the article here.