Skip to main content


Cybersecurity Photo

May 10, 2022

SEC Proposal Would Establish Comprehensive Cybersecurity Disclosure Requirements for the Benefit of Investors

WASHINGTON, D.C.—Legal Director and Securities Specialist Stephen Hall issued the following statement on the filing of Better Markets’ Comment Letter to the Securities and Exchange Commission (SEC) in response to the agency’s proposed rule that would establish comprehensive cybersecurity disclosure requirements for publicly traded companies:

“This proposal represents a major step forward in making sure investors have timely, comprehensive, and readily retrievable information about cybersecurity threats and incidents that can have a profound impact on a company’s operations and revenues.  A recent survey of CEOs confirms that they regard cybersecurity attacks and data breaches as among their most pressing concerns, edging out even the challenges arising from the COVID-19 pandemic.  Investors have a right to understand how companies are responding to these major risks.

“The SEC’s proposed rule would help establish comprehensive cybersecurity disclosure requirements that better inform investors about the increasingly serious risks that cyberattacks and data breaches pose to a company’s business operations, reputation, and financials. The proposal requires publicly traded companies to disclose to investors their cybersecurity policies and procedures, as well as any material cyberattacks or data breaches experienced by the company within four days. These efforts will help provide investors with more standardized and timely disclosures regarding a company’s cybersecurity risks, governance approaches, and incidents, all of which are clearly material.

“Despite the serious risks posed by cybersecurity to so many businesses, investors are often left to search for piecemeal disclosures regarding a company’s specific cybersecurity risks, policies and procedures, and incidents, if they are disclosed at all. For example, it is not uncommon for publicly traded companies to announce material cyber incidents via press a release, sometimes months after the incident occurred. And even when cybersecurity policies and procedures are disclosed to investors in SEC filings, they are often difficult to find, appearing in locations that vary by company. The scattered and unpredictable nature of such disclosures diminishes their effectiveness, which is why this proposed rule is needed. The proposal will provide investors with a more uniform and comprehensive understanding of the cybersecurity risks, governance approaches, and incidents of publicly traded companies, for the benefit of all investors.

Read our full comment letter here or click the button below.


Better Markets is a non-profit, non-partisan, and independent organization founded in the wake of the 2008 financial crisis to promote the public interest in the financial markets, support the financial reform of Wall Street and make our financial system work for all Americans again. Better Markets works with allies—including many in finance—to promote pro-market, pro-business and pro-growth policies that help build a stronger, safer financial system that protects and promotes Americans’ jobs, savings, retirements and more. To learn more, visit

Contact: Anton Becker, Communications Director, at 202-618-6430 or


Press Releases


For media inquiries, please contact us at or 202-618-6433.

Contact Us

For media inquiries, please contact or 202-618-6433.

To sign up for our email newsletter, please visit this page.

This field is for validation purposes and should be left unchanged.

Sign Up — Stay Informed With Our Monthly Newsletter

"* (Required)" indicates required fields

This field is for validation purposes and should be left unchanged.

For media inquiries,

please contact or 202-618-6433.


Help us fight for the public interest in our financial markets, protecting Main Street from Wall Street and avoiding another costly financial collapse and economic crisis, by making a donation today.

Donate Today