CyberSecurityBoard
Sponsor Register Login

FBI Details How Companies Can Delay SEC Cyber Disclosures

The FBI is outlining how its agents will handle requests from publicly traded companies that want to delay having to disclose a cybersecurity incident under the new controversial Securities and Exchange Commission rules that take effect next week.
The rules go into action December 18, though smaller companies have until mid-June to start complying.
One role the FBI will play is fielding requests from companies to delay disclosing an event, with the SEC saying such delays can be granted if disclosures would risk national security or public safety.
To help companies prepare for the new rules, the FBI this month issued a seven-page public notice detailing how the law enforcement agency will handle requests to delay disclosure for at least 30 days, though such delays can't be more than 120 days.
The Attorney General's Office makes the final decision on a delay request.
The FBI is responsible for taking in and documenting the requests, checking the government's national security and public safety regulations, and referring the information to the Justice Department.
An agent will start investigating whether disclosing the incident would be a national security or public safety issue within two hours of receiving the delay request either directly from the victim or from a U.S. agency, such as the Cybersecurity and Infrastructure Security Agency or the Secret Service.
The FBI also urged companies to reach out to the FBI before determining whether an incident is a material one and soon after believing that disclosure of an attack poses a national security or public safety risk.
Could help with the FBI's review of the disclosure delay request, the FBI wrote.
The SEC created the rules to bring uniformity to how and when public companies disclose cybersecurity incidents.
Companies will have to disclose the incidents in their Form 8-K submissions within four days of determining they are material.
They'll need to outline their cybersecurity management and strategy.
The new rule has gotten pushback from companies, including on how to define whether an incident is material.
In one conversation on Reddit, an individual said he had been worried about such government intervention.
3 Months is standard for public company financial disclosure and allowing a company's Cybersecurity teams to do a thorough investigation on incidents.


This Cyber News was published on securityboulevard.com. Publication date: Mon, 11 Dec 2023 17:43:05 +0000


Cyber News related to FBI Details How Companies Can Delay SEC Cyber Disclosures

FBI Details How Companies Can Delay SEC Cyber Disclosures - The FBI is outlining how its agents will handle requests from publicly traded companies that want to delay having to disclose a cybersecurity incident under the new controversial Securities and Exchange Commission rules that take effect next week. ...
10 months ago Securityboulevard.com
FBI explains how companies can delay SEC cyber incident disclosures - The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission. Companies have to report issues to the SEC in 8-K filings within four business days unless the U.S. attorney ...
10 months ago Therecord.media
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
11 months ago Techrepublic.com
SEC Shares Important Clarifications as New Cyber Incident Disclosure Rules Come Into Effect - The US Securities and Exchange Commission has shared some important clarifications on its new cyber incident disclosure requirements, which come into effect on Monday, December 18. The SEC announced in late July that it had adopted new cybersecurity ...
10 months ago Securityweek.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
11 months ago Feeds.dzone.com
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
8 months ago Cyberdefensemagazine.com
US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses' - The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy ...
11 months ago Wired.com
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
9 months ago Securityzap.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
1 month ago Cyberdefensemagazine.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
What CISOs Should Exclude From SEC Cybersecurity Filings - As enterprises continue to weigh which security incidents constitute something material enough to be reported under the Securities and Exchange Commission's new rules, CISOs face the challenge of deciding which details to report and, far more ...
11 months ago Darkreading.com
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
9 months ago Scmagazine.com
Worried about job security, cyber teams hide security incidents - Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. The research reveals that 40% of cyber teams have not reported a cyber incident out of fear of losing their jobs - a ...
5 months ago Helpnetsecurity.com
FBI Issues Guidance for Delaying SEC-Required Data Breach Disclosure - The FBI has issued guidance regarding the data breach reporting requirements of the Securities and Exchange Commission, providing useful information on how disclosures can be delayed. The SEC announced in late July that it had adopted new ...
10 months ago Securityweek.com
Wargames director Jackie Schneider on why cyber is one of 'the most interesting scholarly puzzles' - In other games, we had people from Silicon Valley who were leading AI companies or cyber companies. What we found is those who had expertise in cyber operations were more likely to be more nuanced about how they used the cyber capability. On a larger ...
5 months ago Therecord.media
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
10 months ago Bleepingcomputer.com
Three Key Threats Fueling the Future of Cyber Attacks - Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. Protecting an organization against intrusion remains a cat and mouse game, in ...
6 months ago Cyberdefensemagazine.com
With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too - An increase in cyber-insurance claims in 2023, driven by a more active threat landscape, will likely mean that last year's price plateau in cyber-insurance premium costs will be short-lived, according to industry experts. While premium costs fell by ...
9 months ago Darkreading.com
What Do CISOs Have to Do to Meet New SEC Regulations? - Ilona Cohen, Chief Legal and Policy Officer, HackerOne: It is never an easy time to be a chief information security officer, but the past few months have felt particularly challenging. The recent charges from the US Security and Exchange Commission ...
10 months ago Darkreading.com
Does Pentesting Actually Save You Money On Cyber Insurance Premiums? - Way back in the cyber dark ages of the early 1990s as many households were buying their first candy-colored Macintoshes and using them to play Oregon Trail and visit AOL chat rooms, many businesses started venturing into the digital realm as well by ...
10 months ago Securityboulevard.com
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
10 months ago Techrepublic.com
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims - The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. In the joint advisory published today in collaboration ...
10 months ago Bleepingcomputer.com
FBI's latest defense of warrantless S. 702 snooping is China The Register - Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government. Wray cited an example he's used previously about how, last ...
8 months ago Go.theregister.com
Making Cyber Insurance Available for Small Biz, Contractors - The soaring costs of recovering from a security incident or data breach is driving interest in cyber insurance. While cyber insurance is typically viewed as a product mainly for large organizations seeking coverage and protection against ...
10 months ago Darkreading.com
Cybersecurity Tops 2024 Global Business Risks - The newly released Allianz Risk Barometer revealed that Cyber incidents such as ransomware attacks, data breaches, and IT disruptions are the biggest worry for companies globally, as well as in the United States, in 2024. The 13th annual business ...
9 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)