Clifford Chance

SEC Proposes Expansive New Cybersecurity Disclosure Regulations For Public Companies

March 14, 2022

On March 9, 2022, the U.S. Securities and Exchange Commission proposed rules that would require public companies to report material cybersecurity incidents within four business days and make periodic disclosures regarding their cybersecurity risk management, strategy, and governance.  If enacted in their current form, these rules would impose substantial new disclosure requirements on many issuers.

Download PDF