SEC adopts cyberattack disclosure rules, listed crypto firms included

Tags

Top Highlights

• Public companies in the United States, including listed crypto firms, will be required to disclose any major cybersecurity incidents within a four-day time limit under new rules adopted by the United States securities regulator.

• It will also require periodic reporting about a registrant’s policies and procedures to identify and manage cybersecurity risks and give periodic updates about previously reported cybersecurity incidents.

• The new rules will apply to any publicly listed company in the United States. In the crypto industry, publicly listed crypto firms include Coinbase (COIN), Marathon Digital (MARA), Riot Blockchain (RIOT) and Hive Digital Technologies (HIVE).