Bloomberg Law
March 11, 2022, 6:02 PM

Cyber Alert Plan Puts Onus on Businesses to Assess Their Risks

Andrea Vittorio
Andrea Vittorio

The SEC’s newly proposed deadline for cyber breach reporting ramps up pressure on companies to quickly gauge the business impacts of such events.

Under the Securities and Exchange Commission’s proposed rule, publicly traded companies would have to disclose a cybersecurity incident within four days of determining that it’s considered “material,” or important to the average investor. It’s a departure from other breach notification rules, imposed by states or on certain industries, that lay out a timeframe for companies to disclose after discovering a data leak.

This “subtle shift” puts the onus on companies to comprehend the operational and strategic ...

Learn more about Bloomberg Law or Log In to keep reading:

Learn About Bloomberg Law

AI-powered legal analytics, workflow tools and premium legal & business news.

Already a subscriber?

Log in to keep reading or access research tools.