Disclosure rules

Senators Urge SEC to Propose Cybersecurity Reporting Rules for Financial Sector

Lawmakers have written an open letter urging the Securities and Exchange Commission to propose cybersecurity disclosure and reporting rules to protect investors.

The letter was signed by Sens. Jack Reed, Mark Warner, Catherine Cortez Masto, Kevin Cramer, Susan Collins and Angus King and addressed to SEC Chairman Gary Gensler.

The senators said that investors should have the assurance that publicly traded companies and financial sector registrants are taking cybersecurity seriously.

The senators also noted that investors have the right to be informed of any serious cybersecurity incidents in a timely manner, Breaking Defense reported.

According to the lawmakers, one way to increase public companies’ accountability to investors is to require them to reveal whether they have a cybersecurity expert on their board of directors. If not, the company would be required to explain why.

The senators noted that they are sponsoring legislation aimed at ensuring the disclosure of such information. Introduced in March 2021, the Cybersecurity Disclosure Act is aimed at enhancing transparency in the cybersecurity of publicly traded companies.

Gensler previously testified before the Senate Banking Committee that investors would benefit if companies disclosed their cybersecurity risk in a “decision-useful manner,” according to the letter.

The SEC chair also testified that the commission’s staffers have already been tasked with developing proposals on cybersecurity disclosures and incident reporting.

The senators lauded Gensler for his efforts and recommended that he develop its rule proposals in coordination with the national cyber director.