United States Securities Exchange Commission Rule Update: Cybersecurity Risk Management and Incid…
– FPT Software
The United States Securities and Exchange Commission (SEC) has proposed an updated rule titled “Cybersecurity Risk Management Strategy, Governance, and Incident Disclosure” for publicly traded companies.

- 10-K and 10-Q: Previously undisclosed incidents must be disclosed, especially if material in aggregate.
- Governance: The cybersecurity governance policy, including the board’s oversight role.
- Management’s Role: Management’s role and expertise in assessing and managing cybersecurity risks and implementing policies, procedures, and strategies.

- Document Risk Management and Staff Experience: Adopt written policies and procedures addressing administrative, technical, and physical safeguards to protect customer records and information.
- Review Existing Policies and Records: For the governance and experience portions of the periodic reports, you may be able to leverage existing security compliance reports, including SOC or ISO 27001.
Link: https://blog.fpt-software.com/united-states-securities-exchange-commission-rule-update-cybersecurity-risk-management-and-incident-disclosure