SEC issues interpretive guidance on cybersecurity

  • US_SEC Image

Feb 21, 2018

On February 21, 2018, the Securities and Exchange Commission (SEC) issued interpretive guidance to promote clearer and more robust disclosures by public companies in relation to their cybersecurity risks and incidents, as a result of the increasing number and severity of cybersecurity incidents.

Previous guidance in this area stated that companies may be obligated to disclose cybersecurity risks and incidents, but it did not provide specific disclosure requirements. The new guidance clarifies that the SEC expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences.

Review the press release and interpretation on the SEC’s website.

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.