United States of America: SEC rules on enhancing and standardising cybersecurity risk management

Progress

Current status

processing consultation

21 Oct 2022 processing consultation

07 Oct 2022 in consultation

09 May 2022 processing consultation

23 Mar 2022 in consultation

Scope

Implementers

United States of America

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Government Branch

executive

Government Body

other regulatory body

Implementation Level

national

Timeline of events

21 Oct 2022

processing consultation

Second consultation closed on SEC rules on enhancing and standaridising cybersecurity risk management

On 21 October 2022, the Securities and Exchange Commission closed consultations for the amendment to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public com…

Source

Event type order

Action type consultation closed

Government branch executive

Government body other regulatory body

07 Oct 2022

in consultation

Consultation reopened on SEC rules on enhancing and standaridising cybersecurity risk management

On 7 October 2022, the Securities and Exchange Commission reopened the public consultation on the amendment to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by …

Source

Event type order

Action type consultation opened

Government branch executive

Government body other regulatory body

09 May 2022

processing consultation

Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

On 9 May 2022, the Securities and Exchange Commission (SEC) has closed the consultation on its proposed rules on enhancing and standardising cybersecurity risk management. The proposed rules would apply to companies subject to SEC reporting requirem…

Source

Event type order

Action type consultation closed

Government branch executive

Government body other regulatory body

23 Mar 2022

in consultation

Consultation opened on SEC rules on enhancing and standardising cybersecurity risk management

On 23 March 2022, the Securities and Exchange Commission (SEC) has published and opened a consultation on its proposed rules on enhancing and standardising cybersecurity risk management. The proposed rules would apply to companies subject to SEC rep…

Source

Event type order

Action type consultation opened

Government branch executive

Government body other regulatory body

Progress

Scope

Timeline of events

Second consultation closed on SEC rules on enhancing and standaridising cybersecurity risk management

Consultation reopened on SEC rules on enhancing and standaridising cybersecurity risk management

Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

Consultation opened on SEC rules on enhancing and standardising cybersecurity risk management

Related changes

United States of America: SEC Rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure

United States of America: Joint Resolution providing for Congressional Disapproval of SEC Rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (S.J.Res 50)

United States of America: United States National Cybersecurity Strategy 2023

United States of America: Department of Homeland Security third review on Cloud Security

United States of America: Office of Management and Budget Security Rules for Federal Government Software Suppliers outlining cybersecurity standards

United States of America: 2023 Department of Defense Cyber Strategy

United States of America: CISA, NSA and ODNI Guidance for Customers on Securing the Software Supply Chain

United States of America: Executive Order on Ensuring Robust Consideration of Evolving National Security Risks by the Committee on Foreign Investment in the United States

United States of America: NSA Network Infrastructure Security Guidance

United States of America: FCC Inquiry into Vulnerabilities of Internet Global Routing System

United States of America: Export ban measures in US Information Security Controls of Cybersecurity Items

United States of America: CISA Advisory on Russian State-Sponsored Cyber Threats to US Critical Infrastructure

United States of America: Measures to enhance supply chain security for critical software