Subscribe

Public companies comply with SEC cyber disclosure rules early

Publicly traded companies are complying with the Securities and Exchange Commission’s (SEC) new cyber disclosure rules ahead of their December start date. The rules require companies to disclose material cyber incidents within four business days.

Most public companies don’t need to start reporting material cyber incidents until December 18, but many are already abiding by the rules. For example, Okta reported a security breach last week, and Caesars reported a cyber incident earlier this month.

The early disclosures are giving other businesses a preview of what to expect from regulators, shareholders, and consumers when they report their own cyber incidents.

Under the new rules, companies must disclose a description of the cyber incident, including the date, nature, and scope of the attack, the impact of the incident on the company’s operations and financial condition, and any remedial measures the company has taken or is taking to address the incident in an 8-K filing.

Companies must also disclose more details about their internal cybersecurity programs in annual reports. This includes information about the company’s cybersecurity governance, risk management, and incident response procedures.

The new rules have triggered pushback and anxiety among corporations worried about the implications of public incident disclosures. Some companies are concerned that the SEC will use their 8-K filings to hold them liable for incidents.

Others are unsure how consumers and shareholders will respond to reports of new cyberattacks. However, experts say that companies can mitigate these risks by preparing now. They recommend that organizations conduct tabletop exercises, establish crisis communications plans, and provide cybersecurity training to board members.

They say that companies can determine if a cyberattack will have a material business impact by considering the cost of business interruptions, the cost of ransom payments, and the cost of network security upgrades. However, most 8-K filings don’t stray much from how companies were already publicly discussing incidents. They typically stick to a short statement that says they’re facing an incident and will return with more information at a later date.

The sources for this piece include an article in Axios.

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study finds 94% of spreadsheets have critical errrors

Study says 94% of spreadsheets contain critical errors

Elon Musk claims DDoS attack caused issues in live-streamed interview with Trump – experts are skeptical

Google anti-trust ruling a financial disaster for Firefox

Related Articles

Sleeper Supply Chain Attack Activates After 6 Years

May 31, 2025 A coordinated supply chain attack has compromised between 500 and 1,000 e-commerce websites by exploiting vulnerabilities in 21 more...

Russian-Controlled Open Source Tool Raises Alarms Over U.S. Cybersecurity

May 31, 2025 A widely used open-source Go library, easyjson, used in healthcare, finance and even defence has come under scrutiny more...

Signal Archiving Tool Used By Trump Admin Is Breached, Raising Alarms Over Messaging Security (EDITORIAL)

May 31, 2025 (EDITORIAL) A messaging tool used by Trump administration officials to archive encrypted Signal messages has been hacked — more...

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

April 22, 2025 Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as more...

Jim Love

Jim Is and author and pud cast host with over 40 years in technology.

Share:
X/Twitter
Linkedin
Blue Sky
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.