Policy · March 13, 2026 · 7 min

SEC Cybersecurity Disclosure: What the Proposed Amendments Actually Change

Proposed amendments to the SEC’s cybersecurity disclosure framework would expand incident-reporting timing, materiality standards, and director-oversight obligations.

The Securities and Exchange Commission has proposed amendments to its cybersecurity disclosure framework that would materially expand registrants’ obligations around incident reporting, materiality determination, and board-level oversight. Public companies should review the proposed rule and consider participating in the comment period.