Attorneys: Boards need more timely updates as SEC wants faster breach notification

Attorneys offering an overview of the evolving cybersecurity legal landscape for financial firms are highlighting a couple of trends: the Securities and Exchange Commission wants to know quickly when a publicly traded company has suffered a breach, and corporate boards need to “rethink” how frequently they're receiving cyber updates from management.

“The SEC expects you to have disclosure as part of your cyber response plan” under its 2018 guidance on “when and how” to disclose, said Bill Regan of the...