Skip to main content

What We Do

May 10, 2022

Better Markets Supports SEC Rules to Establish Comprehensive Cybersecurity Disclosure Requirements for Publicly Traded Companies

Better Markets filed a comment letter in response to the Securities and Exchange Commission’s proposal to establish comprehensive cybersecurity disclosure requirements for publicly traded companies.

Why It Matters. A recent survey of CEOs found that the top threat CEOs were most worried about over the next 12 months was cybersecurity, edging out the COVID-19 global health crisis. While we have seen the economic damage a global pandemic can have on companies of all sizes, we have also seen the crippling effects a major cyberattack or data breach can have on a company. These cyberattacks and data breaches can have material effects on a company’s business operations, reputation, and financials. Despite the serious risk posed by cybersecurity to a business’ operations, reputation, and financials, there are currently no regulations that directly address how companies should disclose cybersecurity risks, governance, and incidents to investors. This has led to a disclosure regime that lacks uniformity and leaves investors to search a company’s SEC disclosures, press releases, and website to find requisite cybersecurity information, if this information is even disclosed at all.

What We Said. The Proposal builds off previous guidance issued by the staff and the Commission to ensure more standardized and timely disclosures of cybersecurity risks, governance, and incidents to investors. The proposed Item 106 disclosures in Form 10-K will better inform investors of the cybersecurity risks posed to the operations, reputation, and financials of a publicly traded company. Additionally, the proposed Item 1.05 in Form 8-K will inform investors of material cybersecurity incidents in a timely manner which minimizes the ability of corporate insiders and malicious actors to trade on material, nonpublic information at the expense of investors.  Along with our broad support for the Proposal, we highlighted a few ways in which it should be strengthened by enhancing some of the required disclosures and expanding the class of cybersecurity incidents that trigger a disclosure obligation.

Bottom Line. Better Markets supports the Commission’s proposed rule to establish comprehensive cybersecurity disclosure requirements for publicly traded companies, which would provide investors with more standardized and timely material information about the cybersecurity risks, governance, and incidents that face publicly traded companies in today’s financial markets.

Read our full Comment Letter here or click the button below.

Better_Markets_Comment_Letter_Cybersecurity_Risk_Management_Strategy_Governance
Comment Letters
Share

Donate Today!

Donate

Contact Us

For media inquiries, please contact press@bettermarkets.org or 202-618-6433.

To sign up for our email newsletter, please visit this page.

Name(Required)
This field is for validation purposes and should be left unchanged.

Sign Up — Stay Informed With Our Monthly Newsletter

"* (Required)" indicates required fields

This field is for validation purposes and should be left unchanged.

For media inquiries,

please contact press@bettermarkets.org or 202-618-6433.

Donate

Help us fight for the public interest in our financial markets, protecting Main Street from Wall Street and avoiding another costly financial collapse and economic crisis, by making a donation today.

Donate Today