Corporate America has a new set of cybersecurity rules to follow starting December 18, which could mean you’ll start learning more quickly and more frequently about cyber attacks.

The new standards from the Securities and Exchange Commission (SEC) require companies to disclose a breach within four days of determining the hack will have a material impact – meaning it’ll cost the company.

Cyber disclosures (00:00:25)
"You're going to get an increase of cyber disclosures and regulations, and you're going to see more and more of these happen over the course of next year," Diligent CEO Brian Stafford said. "You're going to be able to look and compare, why did the company disclose this when their competitor didn't disclose this? You're going to look at the extent of the disclosure, and you're going to find investors ... holding an even higher bar up to the level of oversight provided in cyber across many companies."

Implications for cyber industry (00:00:55)

"We see in the background of all this, more coordination among attackers, increasing levels of attacks, and now new SEC reporting requirements that require very timely disclosures," Macquarie U.S. Head of Software Research Fred Havemeyer said. "We do think that this sets up constructive demand tailwinds for the entire cybersecurity industry."

Related Videos

Challenges of cyber regulations (00:01:25)
"The people behind these attacks, they've also jumped on this as well. So they're using that opportunistically, if they attack an organization, they're trying to hold them ransom," CrowdStrike (CRWD) President Michael Sentonas said. "So it's an interesting time, a lot of organizations are trying to work it out ... We can help you understand how to report and how to be more compliant to these new regulations. We do that for companies around the world."

Video Transcript

JULIE HYMAN: Corporate America has a new set of cybersecurity rules to follow starting December 18, and it could mean you'll start learning more quickly and more frequently about cyber attacks. The new standards from the Securities and Exchange Commission require companies to disclose a breach within four days of determining that hack will have a material impact, meaning it'll cost the company.

BRIAN STAFFORD: You're going to get an increase of cyber disclosures and regulations and you're going to see more and more of these happen over the course of the next year. You're going to be able to take a look at and compare, why did a company disclose this when their competitor didn't disclose this?

You're going to look at the extent of the disclosure and you're going to find investors, activist investors, regulators holding an even higher bar up to the level of oversight provided in cyber across many companies.