SEC banking groups request to drop the base of disclosure of the cybersecurity accident
The calling groups of the American banking and financial industry services provided a petition to the Securities and Stock Exchange Committee to cancel the requirements of the general disclosure of the cybersecurity.
Five American banking groups, led by the American Banking Association, requested the regulator to remove its rule on May 22nd letterOn the pretext that the disclosure of cybersecurity incidents “contradicts the requirements of secret reporting that aims to protect critical infrastructure and warn potential victims.”
The group, which also included the Securities and Financial Markets Industry Association, the Institute of Banking Policy, Independent Society Banks in America and the International Bankers Institute, claimed that al -Qaeda was exposed to organizational efforts to enhance national cybersecurity.
SEC Cyber Security Risk Management Base, Published In July 2023, companies are required to quickly disclose cybersecurity accidents such as data violations or breakthroughs. However, banking groups argue that this rule was flawed from the beginning and has proven to be a problem in practice since it started the effect.
Banking bodies said that the “complex and narrow detection mechanism” interferes with the response to accidents, law enforcement and the creation of “market confusion” between mandatory and voluntary disclosure.
The general disclosure of “weapons to blackmail by ransom criminals to achieve more malicious goals” was also made, and early disclosure increases insurance and responsibility issues for companies and “risk of explicit internal communications and the exchange of routine information.”
The groups specifically want to cancel the “1.05 item” of SEC bases for the 8-K reports and the parallel reports applied to the 6-K.
The 8-K model is used to notify investors in public companies in the United States of specific events, including cyber security incidents, which may be important for shareholders or SEC.
“From a decisive point of view, without item 1.05, the investor interests will remain protected, and we believe that they will be better presented through the pre -existing disclosure framework to report material information, which may include material cybersecurity incidents,” the groups stated.
Related to: Snements who use the LEDGER LIVE application to steal the phrases of seeds and deplete encryption
Full petition included examples of confusion from the participants, specific incidents of ransom attacks and documented organizational conflicts.
Public encryption companies were affected
The requirements also affect the public coding companies such as Coinbase, which revealed earlier this month that the infiltrators bribe the support staff to leak their user data.
The disclosure witnessed that the company was set at at least seven lawsuits on the disclosure.
Coinbase said it rejected a 20 million dollar ransom request after employees leaked the user data in a major hunting attack, which said the stock exchange may cost it up to 400 million dollars as compensation.
If SEC cancels the condition, companies such as Coinbase may give more time to reveal cybersecurity incidents to the public.
magazine: Bitcoin Bears Eye $ 69, CZ denies rumors WLF ‘Fixer’: Hodler’s Digest