United States of America: Consultation on proposed amendments to SEC rules on cybersecurity disclosures for public companies closes

On 9 May 2022, the public consultation on the proposed amendments to the rules for public companies regarding cybersecurity risk management disclosures closes. The Securities and Exchange Commission (SEC) opened the consultation on the amendments on 9 March 2022. In particular, the amendments would require companies to report cybersecurity incidents and follow up with periodic reports regarding those incidents. Furthermore, the companies would be required to provide SEC periodic reporting on its policies and procedures regarding the management of cybersecurity risks. Finally, the amendments would require companies to report and disclose the cybersecurity expertise of the company’s board of directors.