While the U.S. Securities and Exchange Commission’s (SEC) Cybersecurity Disclosure Rules may appear daunting, compliance is achievable. While the focus of the new Rules is on public companies, the impacts will be felt by nonpublic companies as well.
Join us on Wednesday, October 11, 2023 — in-person or live-streaming — at the next Midwest Cyber Security Alliance (MCSA) meeting, where sponsors HALOCK Security Labs and Foley & Lardner LLP will give you the combined legal and cyber risk management perspective. Know the dates of compliance. Understand the disclosure obligations. Identify steps to take and existing documents to leverage.
Learn More
Companies should think about this new rulemaking as being akin to Sarbanes-Oxley in that they will need to implement measurable cybersecurity risk management practices and controls from bottom-to-top-and-back to support new disclosure requirements. As a result, the risk of not meeting certain cybersecurity standards may come from the street, as well as regulators. The rules require that companies disclose their cybersecurity practices and incidents, not that they meet a specific standard of care, such as NIST 800-53 or CIS…