SEC Corp Fin Director Bill Hinman spoke last week about the SEC's recently-updated cybersecurity guidance at the PCAOB's Standing Advisory Group meeting.
This Jim Hamilton's World of Securities Regulation post shares these and other key takeaways from his remarks:
- Internal controls should include procedures for escalation of cyber incidents to the company's "disclosure experts" and the GC.
- Insider trading policies should be reassessed with due consideration for potentially restricting or blocking insider trades by directors, officers and others with actual knowledge upon the occurrence of a cyber incident that may be material.
- Companies should integrate board oversight of cybersecurity into their more comprehensive board risk oversight disclosure (Reg. S-K Item 407(h)) if the risks are believed to be material.
We first reported this news, along with the results of a director/officer trading pre-clearance survey and numerous other resources, in yesterday's Society Alert! Access numerous additional resources on the SEC's guidance on our Cybersecurity page here and on our Insider Trading page here.