The SEC’s Cybersecurity Rules Have Come Into Effect – How to Make it Easier to Comply

Blog by: Acuity Risk Management

The U.S. Securities and Exchange Commission (SEC)’s rules on reporting material cybersecurity incidents and disclosing information regarding their cybersecurity risk management, strategy and governance have come into effect.

From December 18th, 2023, publicly listed companies (other than smaller reporting companies) must begin complying with the incident disclosure requirements.  Smaller reporting companies have an additional 180 days and must begin complying from June 15th, 2024.

Find out more: Click here