Cybersecurity incidents are constantly in the news these days, but you’ll soon be hearing about a lot more of them. That’s because a new rule from the Securities and Exchange Commission went into effect on Monday, requiring all public companies to report data breaches in just four days.
The new SEC rule requires public companies to submit a government filing within four business days of determining a cybersecurity incident “material.” In 23andMe’s data breach, users found out in December that 6.9 million people had their biodata exposed, even though the hack happened in early October. In that case, it’s unclear when 23andMe knew about the severity of the hack, and how material it was, but it’s possible users could have been alerted much sooner.
Public companies currently take roughly 80 days to report incidents to the SEC, according to the latest research from Gartner. That number has only increased in recent years, up from 60 days in 2020, as companies take longer to respond while they curate PR responses to massive data breaches. Some take closer to 100 days, however, because there are very few rules around reporting data hacks at all.
The key word in this legislation is “material,” because it’s ambiguous and hard to define when exactly a cybersecurity incident is determined to be so. The Supreme Court defines material evidence as a substantial likelihood that a reasonable investor would consider it important. A CEO could learn about a data breach in January but only determine it was material in February, after weeks of an internal review.
The SEC rule, passed in July but went into effect Dec. 18th, also requires companies to give more details about an incident’s nature, scope, and timing. This means the public will know more about data breaches more quickly than before. Cybersecurity responses have long been undermined by public companies, who profit off of millions of user data points but have relatively weak security systems.
Just in the last week: we’ve learned that Comcast lost every single Xfinity customer’s data; PlayStation’s Insomniac Games was hacked and lost 1.67 terabytes of data, including the passports of its employees and details to a new Wolverine game; and a huge mortgage and loan company, Mr. Cooper, lost the data of 14 million people. Those are just the cybersecurity incidents that were reported this week. However, you may have already been impacted by some other company that lost your data, and you just don’t know it yet. The new SEC rule aims to change that.
Trending Products
![Cooler Master MasterBox Q300L Micro-ATX Tower with Magnetic Design Dust Filter, Transparent Acrylic Side Panel, Adjustable I/O & Fully Ventilated Airflow, Black (MCB-Q300L-KANN-S00)](https://m.media-amazon.com/images/I/51WfytAtGCL._SS300_.jpg)
Cooler Master MasterBox Q300L Micro-ATX Tower with Magnetic Design Dust Filter, Transparent Acrylic Side Panel, Adjustable I/O & Fully Ventilated Airflow, Black (MCB-Q300L-KANN-S00)
![ASUS TUF Gaming GT301 ZAKU II Edition ATX mid-Tower Compact case with Tempered Glass Side Panel, Honeycomb Front Panel, 120mm Aura Addressable RGB Fan, Headphone Hanger,360mm Radiator, Gundam Edition](https://m.media-amazon.com/images/I/41JUuW8Yc5S._SS300_.jpg)
ASUS TUF Gaming GT301 ZAKU II Edition ATX mid-Tower Compact case with Tempered Glass Side Panel, Honeycomb Front Panel, 120mm Aura Addressable RGB Fan, Headphone Hanger,360mm Radiator, Gundam Edition
![ASUS TUF Gaming GT501 Mid-Tower Computer Case for up to EATX Motherboards with USB 3.0 Front Panel Cases GT501/GRY/WITH Handle](https://m.media-amazon.com/images/I/41j9qzlOi2L._SS300_.jpg)
ASUS TUF Gaming GT501 Mid-Tower Computer Case for up to EATX Motherboards with USB 3.0 Front Panel Cases GT501/GRY/WITH Handle
![be quiet! Pure Base 500DX ATX Mid Tower PC case | ARGB | 3 Pre-Installed Pure Wings 2 Fans | Tempered Glass Window | Black | BGW37](https://m.media-amazon.com/images/I/41xW6xrbicL._SS300_.jpg)
be quiet! Pure Base 500DX ATX Mid Tower PC case | ARGB | 3 Pre-Installed Pure Wings 2 Fans | Tempered Glass Window | Black | BGW37
![ASUS ROG Strix Helios GX601 White Edition RGB Mid-Tower Computer Case for ATX/EATX Motherboards with tempered glass, aluminum frame, GPU braces, 420mm radiator support and Aura Sync](https://m.media-amazon.com/images/I/41T-2v3IuML._SS300_.jpg)
ASUS ROG Strix Helios GX601 White Edition RGB Mid-Tower Computer Case for ATX/EATX Motherboards with tempered glass, aluminum frame, GPU braces, 420mm radiator support and Aura Sync
![Bgears b-Voguish Gaming PC Case with Tempered Glass panels, USB3.0, Support E-ATX, ATX, mATX, ITX. (Fans are sold separately)](https://m.media-amazon.com/images/I/41p2u3NJN6L._SS300_.jpg)