- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-12-13T18:04:00
Companies won’t have an easy path toward earning additional time from the Department of Justice (DOJ) regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission (SEC) as required under a new rule.
The DOJ released guidance Tuesday on how it will reach its determinations on whether companies qualify for disclosure delays available when the U.S. attorney general determines there are national security risks at play. In all other circumstances, the SEC’s rule, adopted in July and effective this month, requires public companies to disclose the nature, scope, timing, and impact of cybersecurity incidents within four business days upon discovery of materiality.
Last week, the Federal Bureau of Investigation published guidance on what information companies seeking a reporting delay should provide and where to submit requests. The DOJ’s guidance suggested there will be “limited circumstances” where delays will be granted.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Large public companies say they are prepared to comply with the disclosure requirements of the SEC’s new cybersecurity incident rule, according to a survey conducted by Compliance Week and DLA Piper, but concerns exist that those reports could enhance the threat of future cyberattacks.
The Reserve Bank of New Zealand added new reporting requirements for its member banks to follow if they suffer a material cyber incident and for all types of cyberattacks.
Two chief compliance officers and an attorney discussed preparation for the “when, not if” threat of a data breach during a panel at CW’s Cyber Risk & Data Privacy Summit.
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
The global average cost of a data breach jumped to an all-time high for the second year in a row, but companies can reel in the ballooning drag on profits by adopting artificial intelligence, according to an IBM report.
The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.
