Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Public companies received newguidancefrom the SEC on Wednesday on the disclosures they should make related to cybersecurity. The previous guidance, issued in October 2011, stated

Public companies received newguidancefrom the SEC on Wednesday on the disclosures they should make related to cybersecurity.

The previous guidance, issued in October 2011, stated that companies may be obligated to disclose cybersecurity risks and incidents, but it did not provide specific disclosure requirements. The increasing number and severity of cybersecurity incidents has led the SEC to conclude that more specific disclosure requirements are necessary.

In an interpretation and statement issued Wednesday, the SEC stated that it expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences.

"I believe that providing the commission's views on these matters will promote clearer and more robust disclosure by companies about cybersecurity risks and incidents, resulting in more complete information being available to investors," SEC Chairman Jay Clayton said in a news release."In particular, I urge public companies to examine their controls and procedures, with not only their securities law disclosure obligations in mind, but also reputational considerations around sales of securities by executives."

When companies become aware of a cybersecurity incident or risk that would be material to investors, they are required to make appropriate disclosures in a timely manner, before the offer and sale of securities, the SEC said. In addition, steps should be taken to prevent directors, officers, and other corporate insiders from trading in company securities until investors are appropriately informed.

Although companies may not have all the facts at the time of the initial disclosure, the SEC said an internal or external investigation is not a basis for avoiding disclosures of a material cybersecurity incident.

The guidance also includes issues for companies to consider as they evaluate disclosure of cybersecurity risk factors. In the management discussion and analysis, meanwhile, the SEC states that companies may need to disclose costs and risks related to cybersecurity, as well as the costs of combating cyberattacks.

In addition, the guidance discusses the potential effects of cybersecurity risk on the definition of a business, disclosures of legal proceedings, financial statement disclosures, and disclosures of board risk oversight.

  1. Review the following article and discuss 3 reasons why you believe the SEC has mandated new requirements for public companies. Additionally, discuss two ways this may impact stakeholder's decisions.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Practicing Financial Planning

Authors: Sid Mittra, Anandi P Sahu, Brian Fischer

12th Edition

9386042851, 9789386042859

More Books

Students also viewed these Accounting questions

Question

Outline four general characteristics of Wundts thought.

Answered: 1 week ago

Question

pls help asap i will like thank you

Answered: 1 week ago