this post was submitted on 27 Jul 2023
45 points (100.0% liked)

Technology

378 readers
1 users here now

This magazine is dedicated to discussions on the latest developments, trends, and innovations in the world of technology. Whether you are a tech enthusiast, a developer, or simply curious about the latest gadgets and software, this is the place for you. Here you can share your knowledge, ask questions, and engage in discussions on topics such as artificial intelligence, robotics, cloud computing, cybersecurity, and more. From the impact of technology on society to the ethical considerations of new technologies, this category covers a wide range of topics related to technology. Join the conversation and let's explore the ever-evolving world of technology together!

founded 2 years ago
45
SEC now requires companies to disclose cyberattacks in 4 days (www.bleepingcomputer.com)
submitted 1 year ago by stopthatgirl7@kbin.social to c/tech@kbin.social
3 comments fedilink hide all child comments
 

The U.S. Securities and Exchange Commission has adopted new rules requiring publicly traded companies to disclose cyberattacks within four business days after determining they're material incidents.

you are viewing a single comment's thread
view the rest of the comments
[–] Awwab@kbin.social 4 points 1 year ago (1 children)

Just never make it a material incident and then you don't have to worry.

[–] roofuskit@kbin.social 4 points 1 year ago (1 children)

Concealing liabilities from investors it's a pretty big deal. Keep in mind, the reason this targets publicly traded companies is that they want to protect investors, not the customers of the company.

[–] Ferk@kbin.social 2 points 1 year ago* (last edited 1 year ago)

In fact, if it's something that affects the customers generally, I looks like disclosure might no longer be so important, since they seem to allow delaying the disclosure if it risks "public safety".

In some instances, the disclosure timeline may also be postponed if the U.S. Attorney General determines that an immediate disclosure would pose a significant risk to national security or public safety.

So a company might keep a backdoor secret if it's for the sake of national security / surveillance.