SEC Publishes New C&DI On Cybersecurity Rules
Back in fourth quarter 2023, the SEC published several new compliance and disclosure interpretations on various topics including cyber incident disclosure, proxy and information statements, the inclusion of securities in the filing fee exhibit, and Inline XBRL. As my blog topic list tends to be very long, I am finally getting to this and will cover the various new C&DI topics over the next few weeks.
Cybersecurity
In July, 2023 the SEC adopted final new rules requiring disclosures for both domestic and foreign companies related to cybersecurity incidents, risk management, strategy and governance (see HERE for a review of the new rules). The SEC has published three new C&DI directly related to the Form 8-K reporting requirements and ability to delay reports based on national security concerns.
The cybersecurity rules add new Item 1.05 to Form 8-K requiring disclosure of a material cybersecurity incident including the incident’s nature, scope, timing, and material impact or reasonably likely impact on the