“Often, you just don’t know within four days what the real facts are,” he said. As written, the proposed SEC rules essentially require companies to “make very important decisions with very little information.”
Meanwhile, another federal agency — which has its own set of cyber incident reporting regulations in the works, separate from the SEC’s — has been carrying itself much differently, according to Simonis and numerous others in the security community. The Cybersecurity and…
Source link
