SEC Adopts Robust New Cybersecurity Disclosure Rules
In late July 2023, the Securities and Exchange Commission (“SEC”) adopted new rules requiring public companies to disclose cybersecurity incidents and cybersecurity governance policies and practice. The SEC largely adopted its original proposal issued in March 2022, with some modifications applicable to cybersecurity disclosure requirements. The SEC voted to adopt the new rules in a 3-2 vote. The new disclosure requirements however are effective no...