SEC.gov | Statement on Commission Statement and Guidance on Public Company Cybersecurity Disclosures: The more significant question is whether this rebranded guidance will actually help companies provide investors with comprehensive, particularized, and meaningful disclosure about cybersecurity risks and incidents. I fear it will not.
Per Politico..."Democratic
Commissioner Kara Stein, though, found fault with the updated guidance. She supported advancing
it, but with reservations. She said the SEC could have done more, like
exploring potential rules that would establish a timeframe for companies to
disclose a breach to investors. "While it may have the potential of providing
both companies and investors with incremental benefit, the guidance does not
sufficiently advance the ball - even in the context of disclosure
guidance," she wrote . "Even more, it may provide investors a false
sense of comfort that we, at the commission, have done something more than we
have."