Cybersecurity takes the spotlight in the U.S. calling to new developments

The month of August witness a significant cybersecurity development in the U.S.:

The U.S. Securities and Exchange Commission (SEC) adopted new rules regarding Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure governing cybersecurity disclosures by publicly traded companies. The SEC rules require every publicly-traded company, including foreign private issuers, to describe in their annual reports:

1. The processes for the assessment, identification, and management of material risks from cybersecurity threats;
2. Whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the company;
3. The board’s oversight of risks from cybersecurity threats;
4. The management’s role and expertise in assessing and managing material risks from cybersecurity threats.