SEC issues interpretive guidance on cybersecurity

  • SEC (US Securities and Exchange Commission) (dark gray) Image

22 Feb 2018

The increasing number and severity of cybersecurity incidents has led the Securities and Exchange Commission (SEC) to issue interpretive guidance to promote clearer and more robust disclosures by public companies in relation to their cybersecurity risks and incidents.

Previous guidance in this area stated that companies may be obligated to disclose cybersecurity risks and incidents, but it did not provide specific disclosure requirements. The new guidance clarifies that the SEC expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences.

For more information, see the press release and interpretation on the SEC’s website.

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.