CyberSecurityBoard
Sponsor Register Login

FBI Issues Guidance for Delaying SEC-Required Data Breach Disclosure

The FBI has issued guidance regarding the data breach reporting requirements of the Securities and Exchange Commission, providing useful information on how disclosures can be delayed.
The SEC announced in late July that it had adopted new cybersecurity incident disclosure rules for public companies, requiring them to disclose, through a Form 8-K filing, any material breach within four business days.
When it announced the new rules, the SEC noted that some companies may be exempt if there is substantial risk to public safety or national security.
The FBI has now provided some clarifications on this exemption, explaining that the Justice Department can grant a 30-day delay for national security or public safety reasons.
The disclosure can be delayed for another 30 days, or 60 days in extraordinary circumstances involving national security, but the delays cannot exceed a total of 120 business days without an exemptive order from the SEC. The FBI is accepting the delay requests on behalf of the Justice Department and organizations seeking to delay disclosure must follow certain procedures.
While some applauded the SEC for its initiative when it announced the new rules, others raised concerns about the impact on investors and some warned that the disclosure rules could actually help cybercriminals.
Republican lawmakers filed a joint resolution last month in an effort to overturn the rules, but it has yet to pass the House or the Senate.


This Cyber News was published on www.securityweek.com. Publication date: Tue, 12 Dec 2023 11:43:19 +0000


Cyber News related to FBI Issues Guidance for Delaying SEC-Required Data Breach Disclosure

US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses' - The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy ...
7 months ago Wired.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
6 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
4 months ago Securityzap.com
FBI Issues Guidance for Delaying SEC-Required Data Breach Disclosure - The FBI has issued guidance regarding the data breach reporting requirements of the Securities and Exchange Commission, providing useful information on how disclosures can be delayed. The SEC announced in late July that it had adopted new ...
6 months ago Securityweek.com
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
6 months ago Bleepingcomputer.com
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
6 months ago Techrepublic.com
SEC Shares Important Clarifications as New Cyber Incident Disclosure Rules Come Into Effect - The US Securities and Exchange Commission has shared some important clarifications on its new cyber incident disclosure requirements, which come into effect on Monday, December 18. The SEC announced in late July that it had adopted new cybersecurity ...
6 months ago Securityweek.com
Biden veto waiting for bill to kill SEC breach report rule The Register - The Biden administration has expressed to congressional representatives its strong opposition to undoing the Securities and Exchange Commission's strict data breach reporting rule. The joint resolution, along with House Joint Resolution 100, ...
5 months ago Go.theregister.com
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims - The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. In the joint advisory published today in collaboration ...
6 months ago Bleepingcomputer.com
FBI Details How Companies Can Delay SEC Cyber Disclosures - The FBI is outlining how its agents will handle requests from publicly traded companies that want to delay having to disclose a cybersecurity incident under the new controversial Securities and Exchange Commission rules that take effect next week. ...
6 months ago Securityboulevard.com
FBI's latest defense of warrantless S. 702 snooping is China The Register - Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government. Wray cited an example he's used previously about how, last ...
4 months ago Go.theregister.com
Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com
CISOs on alert following SEC charges against SolarWinds - While the outcome of the Security and Exchange Commission's complaint against SolarWinds remains to be seen, infosec experts say the charges are likely to have a major impact on the role of the CISO going forward. In late October, the SEC charged ...
5 months ago Techtarget.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
7 months ago Bleepingcomputer.com
BlackCat Ransomware Raises Ante After FBI Disruption - The U.S. Federal Bureau of Investigation disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released ...
6 months ago Krebsonsecurity.com
FBI seize BreachForums hacking forum used to leak stolen data - The FBI has seized the notorious BreachForums hacking forum used to leak and sell stolen corporate data to other cybercriminals. The seizure occurred on Wednesday morning, soon after the site was used last week to leak data stolen from a Europol law ...
1 month ago Bleepingcomputer.com
FBI Director: FISA 702 warrant requirement 'de facto ban' The Register - FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702. This controversial ...
7 months ago Theregister.com
How the FBI Infiltrated the Hive Ransomware Gang Systems - The FBI has recently infiltrated the systems of the Hive ransomware gang, one of the most sophisticated and successful global cybercrime gangs. This infiltration is a major victory for the FBI in its fight against ransomware, cybercrime, and other ...
1 year ago Bleepingcomputer.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
5 months ago Securityboulevard.com
Without clear guidance, SEC's new rule on incident reporting may be detrimental - Establishing a reporting infrastructure that sheds light on what, how, and when security incidents are disclosed is important for the industry at large and is a huge step toward having cybersecurity seen as a business-wide issue. In 2024, that ...
5 months ago Helpnetsecurity.com
MeridianLink confirms cyberattack after ransomware gang claims to report company to SEC - Financial software company MeridianLink confirmed that it is dealing with a cyberattack after the hackers behind the incident took extraordinary measures to pressure the company into paying a ransom. MeridianLink, which reported more than $76 million ...
7 months ago Therecord.media
Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
7 months ago Jdsupra.com
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
7 months ago Jdsupra.com
Cardiovascular Consultants Confirms Data Breach in SEC Filing - On December 6, 2023, Cardiovascular Consultants Ltd. filed a notice with the Securities and Exchange Commission disclosing a recent cyberattack and subsequent data breach. In this notice, Cardiovascular Consultants explains that the incident resulted ...
6 months ago Jdsupra.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
7 months ago Feeds.dzone.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)