This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.
The full functionality of our site is not supported on your browser version, or you may have 'compatibility mode' selected. Please turn off compatibility mode, upgrade your browser to at least Internet Explorer 9, or try using another browser such as Google Chrome or Mozilla Firefox.

SEC issues interpretive guidance on cybersecurity

  • SEC document Image

Feb 21, 2018

The SEC has issued an interpretation, “Commission Statement and Guidance on Public Company Cybersecurity Disclosures.”

The interpretation assists “public companies in preparing disclosures about cybersecurity risks and incidents” and outlines the SEC’s views on “cybersecurity disclosure requirements under the federal securities laws as they apply to public operating companies.” This Commission guidance reinforces and further builds on the Division of Corporation Finance (CF) principles-based guidance on cybersecurity issued in 2011 (CF Disclosure Guidance: Topic No. 2). In addition, it addresses the importance of cybersecurity disclosure controls and procedures and the application of insider trading prohibitions, and Regulation FD and selective disclosure prohibitions in the cybersecurity context.

The interpretation will become effective on the date of its publication in the Federal Register.

For more information, see the press release and interpretation on the SEC’s Web site.

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.