Friday, February 23, 2018
U.S. SEC calls for 'clearer' cyber risk disclosure from companies
"The U.S. Securities and Exchange Commission on Wednesday updated guidance to public companies on how and when they should disclose cyber security risks and breaches, including potential weaknesses that have not yet been targeted by hackers.
The guidance also said company executives must not trade in a firm’s securities while possessing nonpublic information on cyber security attacks.
The SEC encouraged companies to consider adopting specific policies restricting executive trading in shares while a hack is being investigated and before it is disclosed."
