Richard Suls, Security & Risk Management Consultant, WithSecure, “As a security researcher focused on cybersecurity and the protection of sensitive data, I believe that the SEC's decision to require publicly traded companies to disclose cyber attacks within 4 days of identifying a "material" impact on their finances is a significant step in the right direction. This rule change represents a major shift in how cyber breaches are handled and disclosed, and it has several potential benefits for both investors and the overall security landscape."
"Firstly, the mandatory disclosure of cyber attacks within a specific timeframe will enhance transparency and accountability. By imposing a strict deadline, companies cannot delay or obscure information about cyber incidents, ensuring that investors and stakeholders are promptly informed of potential financial implications resulting from breaches. This will help in preventing the manipulation of financial data and the withholding of crucial information that could impact investors' decisions."
