The U.S. Securities and Exchange Commission is planning to update its 6-year-old cybersecurity guidance for how publicly traded firms report data breaches to investors.

The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to investors as well as require insider trading programs to include blackout rules in the event that a suspected data breach gets discovered (see Report: SEC Plans Breach Reporting Guidance Refresh).

Read full news article on bankinfosecurity.com