SEC Says Public Companies May Need to Disclose Attacks
The Threat Post reports the Securities and Exchange Commission has issued new guidance to help public companies determine when they may need to disclose an attack–or even a potential attack–in order to make potential investors aware of possible risks to the company’s business. The guidance, which does not constitute a rule or requirement for companies to disclose, is meant to help “registrants in assessing what, if any, disclosures should be provided about cybersecurity matters.”
