United States of America: Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

Compare with different regulatory event:

Description

Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

On 9 May 2022, the Securities and Exchange Commission (SEC) has closed the consultation on its proposed rules on enhancing and standardising cybersecurity risk management. The proposed rules would apply to companies subject to SEC reporting requirements. They would require companies to report material cybersecurity incidents within four days, as well as to provide periodic updates on their cybersecurity risk management strategy and on incidents previously reported.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2022-03-23
in consultation

On 23 March 2022, the Securities and Exchange Commission (SEC) has published and opened a consultat…

2022-05-09
processing consultation

On 9 May 2022, the Securities and Exchange Commission (SEC) has closed the consultation on its prop…