What the SEC Requires From Businesses After a Data Breach

Consumers have become wary of data breaches and the decreased safety of their personal information. However, the cost of a data breach is no longer only a matter of money and your company’s good name. There is now a third critical reason to pay attention: the U.S. Securities and Exchange Commission — more commonly referred to as the SEC.

The SEC has begun to take aim at the business practices that can lead to breaches. So, what does the SEC’s involvement mean for cybersecurity professionals?

Why Is the SEC Involved in Data Breach Response?

You might think about the SEC in terms of stocks and the stock market. But it has a three-part mission: protect investors, facilitate capital formation and maintain fair, orderly and efficient markets.

To protect investors, the SEC works to make sure consumers are not investing their hard-earned money in a company’s stock based on false or misleading information. That might mean looking into falsified earning reports, but it also goes much deeper.

The SEC aims for transparency. So, they require each business to disclose all types of risk that can affect the company’s earnings and, in the end, the stock price. This process increases the odds that an investor has access to all the information about a company’s financial health.

The possible risks encompass much more than fraud; they can include everything from supply chain issues to natural disasters. The purpose is to share anything and everything that could possibly affect the financial future of the company.

This leads us right to the answer about why the SEC cares about cybersecurity. When a company faces a cybersecurity attack or event, it affects its revenue. According to the
Support the originator by clicking the read the rest link below.