Spencer Fane attorney Shawn Tuma recently spoke with SecureWorld’s Cam Sivesind about upcoming requirements from the U.S. Securities and Exchange Commission (SEC) regarding corporate cybersecurity transparency.
The article, SEC to Put More Onus on Corporate Boards for Cybersecurity, outlines new proposed SEC rules that will require corporate boards to fully disclose any cybersecurity incidents within four business days. The changes also include specifics for identifying incident responsibility and will affect cybersecurity policies and procedures.
Shawn noted that the SEC aims “to require companies to provide meaningful and actionable information to shareholders to better understand companies’ cyber risks and how companies are managing and responding to them.” He put these desired disclosures into two categories, “proactive cyber risk governance and risk management,” and “reactive incident response and reporting.”
At Spencer Fane, Shawn helps businesses protect their information and protect themselves from their information. He represents a wide range of clients across the United States and globally in dealing with cybersecurity, data privacy, data breach and incident response, regulatory compliance, computer fraud-related legal issues, and cyber-related litigation.
Read the full article here.