SEC Will Require Finance to Notify Breach Victims in 30 Days


More SEC rules, this time mandating financial firms inform victims of data breaches within 30 days!

Why wasn't this already a requirement?

Last year, the SEC instituted requirements for publicly traded companies to inform investors of material cybersecurity events within 4 days. That edict spurred a small wave of misguided protests in the #cybersecurity community, who warned of bad omens which never materialized.

I am anxious to see if this latest regulatory requirement also becomes a hotbed of discussion. <popcorn at the ready>

How do you rate this article?


Matthew Rosenquist
Matthew Rosenquist

Cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security for our digital world.

Cybersecurity Tomorrow
Cybersecurity Tomorrow

Cybersecurity strategy perspectives for the emerging risks and opportunities of securing our digital world. The insights of today will lead to tomorrow's security, privacy, and safety foundations.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.