The U.S. Securities and Exchange Commission (SEC) enacted new cybersecurity disclosure requirements, that reshaped the regulatory framework for how public corporations manage cyber risk and report material cybersecurity incidents. These new requirements are in response to institutional exposure caused by sophisticated cyberattacks and increase in third-party and supply chain vulnerabilities, theft of intellectual property and social engineering.
