The US Securities and Exchange Commission (SEC) has instigated a new rule requiring all registrants to disclose significant cyber incidents and describe their cyber risk management programmes within four days of detection. Ruling S7-09-22 aims to increase transparency for investors and encourage companies to invest in robust cyber security measures. However, the legislation’s wording is ambiguous, and there has been criticism regarding the lack of mandated boardroom cyber collaboration and expertise.
VPS of MI, PLLC Announces Data Breach Following Discovery of Malware | Console and Associates, P.C.
Visiting Physician Services (VPS of MI) discovered a data breach caused by malware on their IT systems, affecting the sensitive information of approximately 20,604 patients.
