When autocomplete results are available use up and down arrows to review and enter to select.
ICBA and other groups called for the Securities and Exchange Commission to rescind its cyber incident disclosure rule.
Details: In a petition to the SEC, the groups said the rule puts companies that fall victim to cyberattacks at greater risk and undermines the SEC’s primary goal of protecting investors.
Key Concerns: The groups said the rule:
Exposes victims to further harm.
Gives ransomware criminals a tool for extortion.
Strains national security and law enforcement resources.
Creates market confusion.
Chills internal communication.
Background: The SEC adopted the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule in July 2023. The rule requires public companies to disclose material cyber incidents within four business days, adding to an already complex list of reporting and disclosure obligations that financial institutions and other critical infrastructure sector companies must follow.