New SEC cybersecurity rules brings new expectations: What You Need to Know and How to Prepare
The cybersecurity regulatory landscape is in a constant state of flux. Adhering to these regulations isn't merely about legal compliance; it's a pledge to protect their investors and assets against emerging threats. The Delay and Its Implications In 2023, the Securities and Exchange Commission (SEC) decided to delay the finalization of anticipated cybersecurity rules for investment advisers and funds. Originally forecasted for May 2023, an October release is now expected after an extended public commentary period. Highlighted in these upcoming rules are several pivotal elements, along with additional recommendations: 48-Hour Incident Notification Rule: Enforcing swift communication after security incidents to promote transparency. Disclosures must use Inline XBRL. This new reporting requirement likely will impose an increased burden on companies during what likely is a crisis situation. Documented Cybersecurity Risk Strategies: It's imperative for organizations to have a robust strategy in place. This ensures they proactively tackle and manage emerging cyber…