You are here

SEC Issues New Cyber Guidance for Publicly Traded Companies

SEC Issues New Cyber Guidance

The Securities and Exchange Commission (SEC) issued cybersecurity reporting guidance for publicly traded companies on February 20, in the wake of a series of high profile data breaches.  

The guidance updates existing rules and requires companies to not only inform investors and the public about data breaches they have faced, but also the cybersecurity risks they are likely to encounter. 

The SEC also urged public firms to publicly disclose news of a breach as soon as possible—a reaction to the Equifax data breach that was not made public for several months. 

In addition to the SEC, Congress has prioritized data security and held a series of hearings on the topic. Lawmakers are trying to reach consensus on how to boost consumer protections and enhance data security at a time of increasing threats. 

NAA/NMHC will continue to work with Congress to create a federal data standard that recognizes the unique nature and needs of the rental housing industry while ensuring the data that our members collect, use and maintain is secure. 

NAA/NMHC provide a variety of resources to help secure a firms’ data and bolster its overall cybersecurity posture, which can be found at www.nmhc.org/data-security. Example resources include a white paper/guidance document on cyber security best practices and a concise, sharable guide to “Social Engineering Red Flags,” that can help educate employees about cyber pitfalls.