Financial-sector groups join calls for substantial rewrite of SEC cybersecurity proposal for publicly traded companies

A coalition of banking groups is asking the SEC to revamp proposed cybersecurity rules to address concerns over the timing and substance of incident reporting requirements and to rewrite or drop new disclosure requirements on corporate cybersecurity practices.

“While we support the policy goals of the Proposed Rules, we believe that, as currently drafted, the Proposed Rules insufficiently take into account other policy goals, including ensuring the cybersecurity of registrants; protecting the safety and soundness of financial institutions; and identifying...