Publicly traded companies are now obligated to adjust their cybersecurity measures, responding to a recent update on financial sector regulations. This shift has positioned general counsels into a significant role in addressing data breaches and other cyberattacks.
As stipulated by a final rule of the Securities and Exchange Commission (SEC) in September, businesses must report system breaches to the agency within four days, in cases where the event may have a significant impact on the company. This amendment to two federal regulations demands a level of public disclosure about incidents that is not required by a majority of the government’s existing and upcoming 51 federal reporting rules.
The role of the general counsel has expanded with the scrutiny of governance, given that public companies have only four days to notify the SEC of ‘material’ hackings. This places a significant responsibility on general counsels to establish protocols and procedures for swift and efficient responses to such security incidents.
The full article can be accessed through this link.