by in
The SEC has introduced a new rule requiring public companies to be more transparent about material cybersecurity incidents, requiring disclosure within four business days. To comply, companies should revise their incident response plan, update their notification procedure, assess material incident identification and impact, develop protocols for data protection and disclosure balance, review plans and assess third-party, conduct tabletop exercises, and foster a culture of cybersecurity awareness. By asking the right questions and taking the necessary steps, companies can ensure they are ready to comply with the SEC’s new rule.
Bulletpoints:
– Update incident response plan
– Update notification procedure
– Assess material incident identification and impact
– Develop protocols for data protection and disclosure balance
– Review plans and assess third-party
– Conduct tabletop exercises
– Foster a culture of cybersecurity awareness
