Gary Gensler claims the new rules "will benefit investors, companies, and the markets connecting them."
The United States Securities and Exchange Commission (SEC) has passed a new rule mandating public companies, inclusive of those in the crypto sector, to inform users about any significant cybersecurity breaches within four days.
The exception to this rule is situations where such announcements might pose risks to national security or public safety.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What is a Crypto Mining Rig? Is it Worth it? (EASILY Explained)
The SEC's directive, introduced on July 26th, necessitates a rapid four-day disclosure of any "material" cyberattack by public companies, marking a significant step towards improved cybersecurity risk management.
The enforcement of these regulations will start 30 days after the release gets published in the Federal Register.
The regulatory body is also mandating periodic reports about an entity's protocols for identifying and mitigating cybersecurity risks and demands regular updates on cybersecurity incidents that have been previously reported.
According to a statement from the SEC on July 26th, these incoming rules aim to bolster investors' welfare by enhancing cybersecurity risk management measures. SEC Chair, Gary Gensler, underscored this by saying:
Through helping to ensure that companies disclose material cybersecurity information, today’s rules will benefit investors, companies, and the markets connecting them.
Prominent cryptocurrency businesses, such as Coinbase (COIN), Marathon Digital (MARA), Riot Blockchain (RIOT), and Hive Digital Technologies (HIVE), fall under the umbrella of these new regulations since they are publicly traded in the United States.
The SEC revealed that a surge in digitized operations and digital payments, paired with the increasing capabilities of criminals to capitalize on cybersecurity incidents, necessitated the introduction of these new rules to safeguard investors.
Cryptocurrencies have often been on the radar of cybercriminals looking to execute high-value exploits, with entities like the North Korea-backed hackers stealing well over $1 billion from various cryptocurrency platforms via multiple high-profile exploits.
First proposed in March 2022, these cybersecurity rules represent a significant development in public firms' responsibility towards cybersecurity incidents, extending their reach to crypto companies, thereby ensuring heightened security measures and investor protection in the evolving digital landscape.
