SEC Professionals Groups

 View Only

Cyber-Security Breach Disclosures Report 

04-07-2023 06:07 PM

March 2023

Cyber-Security Breach Disclosures

How Existing Reporting Compares To The Enhanced Disclosure Rules Expected From The SEC - Timely Reporting May Need Extra Attention

By: MyLogIQ


Cyber-security breaches certainly are top of mind right now, this was a point of discussion if you caught our recent Q1 SEC Pro Group National Meeting featuring David Peavler (
recording here). 

Enhanced Disclosure Rules On The Horizon


With the expected April 2023 announcement from the U.S. Securities and Exchange Commission (SEC) of finalized rulemaking to enhance disclosure of cybersecurity risk management, we took a look at current reporting practices to see where things stand and to help provide guidance on where companies need to go once the new rule becomes effective.


5 Areas of Disclosure Focus


The proposed rule, Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure has five areas of disclosure focus:


  • Incident Disclosure

  • Timeliness of Incident Disclosure

  • Board Oversight

  • Board Expertise

  • Management Policies & Procedures.


This report looks at disclosure practices for the first four of these areas.