SEC adopts rule requiring companies to disclose cyber incidents

…Brandon Pugh, policy director of the cybersecurity and emerging threats team at the R Street Institute, said he’s seen mixed reaction from companies about the recent rule. 

“Some say this is similar to information they voluntarily provide now in the name of transparency while others say this might reveal sensitive security-related information,” Pugh said.

“This new rule does impose new requirements on companies, so there will be added costs to comply and potential liability if they do not,” he added…