SEC issues interpretive guidance on cybersecurity

22 Feb 2018

The increasing number and severity of cybersecurity incidents has led the Securities and Exchange Commission (SEC) to issue interpretive guidance to promote clearer and more robust disclosures by public companies in relation to their cybersecurity risks and incidents.

Previous guidance in this area stated that companies may be obligated to disclose cybersecurity risks and incidents, but it did not provide specific disclosure requirements. The new guidance clarifies that the SEC expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences.

For more information, see the press release and interpretation on the SEC’s website.

Related Publications

Financial Reporting Alert 24-2, Financial Reporting and Accounting Considerations Related to the Current Commercial Real Estate and Banking Macroeconomic Environment

16 Apr 2024

Financial Reporting Alert 24-1, Frequently Asked Questions About “Pillar Two” (Updated)

15 Apr 2024

On the Radar — Fair Value Measurements and Disclosures (Including the Fair Value Option)

10 Apr 2024

Roadmap: Fair Value Measurements and Disclosures (Including the Fair Value Option) (2024)

10 Apr 2024

All Related

Related Discussions

Release of IFRS Foundation Staff Analysis of the SEC Final Staff Report (13 July 2012)

23 Oct 2012
Comments from the representative of the US SEC

22 Oct 2012
Financial instruments – Classification and measurement

14 Jun 2011
Investment property

13 Jun 2011
All Related

© 2024. See Legal for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited ("DTTL"), its global network of member firms and their related entities. DTTL (also referred to as "Deloitte Global") and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.

IAS plus

IAS plus

Deloitte User?

IAS plus

SEC issues interpretive guidance on cybersecurity

Related Topics

Related news

Updated AOSSG survey on the financial reporting practices of Islamic financial institutions

SEC adopts rule that will require entities to disclose climate-related information

California adopts legislation requiring climate disclosures

G7 underlines commitment to global sustainability disclosures

G7 issues statement on climate disclosures and ISSB’s work

FASB and ASBJ hold biannual meeting

Related Publications

Financial Reporting Alert 24-2, Financial Reporting and Accounting Considerations Related to the Current Commercial Real Estate and Banking Macroeconomic Environment

Financial Reporting Alert 24-1, Frequently Asked Questions About “Pillar Two” (Updated)

On the Radar — Fair Value Measurements and Disclosures (Including the Fair Value Option)

Roadmap: Fair Value Measurements and Disclosures (Including the Fair Value Option) (2024)

Related Discussions

Release of IFRS Foundation Staff Analysis of the SEC Final Staff Report (13 July 2012)

Comments from the representative of the US SEC

Financial instruments – Classification and measurement

Investment property

Correction list for hyphenation