SEC proposes cyber resilience requirements for publicly listed companies
THE SECURITIES and Exchange Commission (SEC) has released a draft memorandum circular for public comment requiring capital market participants to implement cyber resilience frameworks.
The draft circular, issued on Dec. 17, is open for comments until Jan. 16, 2026. It mandates regulated entities to establish frameworks that define objectives, risk tolerance, and procedures to identify, mitigate, and manage cyber risks.
“The proposal is in line with the government’s National Cybersecurity Plan 2023 to 2028, which recognizes cybersecurity as critical to peace, security and economic development,” the commission said in a statement on Thursday.
The guidelines cover publicly listed companies, broker-dealers, investment firms, exchanges, self-regulatory organizations, clearing agencies, securities depositories, transfer agents, and other capital market participants of similar nature.
The SEC said boards of directors must oversee cybersecurity risks and establish or appoint a Computer Emergency Response Team (CERT) led by a chief information security officer (CISO).
“The CISO will be responsible for carrying out the responsibilities of the chief information officer and serve as the primary liaison to the company’s authorizing officials, information system owners, and information system security officers,” the commission added.
The draft also holds regulated entities accountable for cybersecurity and resilience even when third parties manage their systems. Entities relying on third-party Critical Information Infrastructure must secure legally binding agreements to ensure compliance with standards such as incident reporting, auditing, and risk assessment.
“If a covered entity experiences a cyber incident that is determined to be material, it should disclose to the SEC within five days after the occurrence of the event the nature, scope, and timing of the incident. The company should also report its material impact or reasonably likely material impact on the entity, including its financial condition and results of operation,” the SEC said. — Alexandria Grace C. Magno
Potrebbe anche piacerti
NATO Reexamination: Secretary Rubio’s Critical Alliance Review Shakes Global Security
Yuan Gains Ground Against Dollar
Federal Reserve expected to slash rates today, here's how it may impact crypto
Market participants are eagerly anticipating at least a 25 basis point (BPS) interest rate cut from the Federal Reserve on Wednesday. The Federal Reserve, the central bank of the United States, is expected to begin slashing interest rates on Wednesday, with analysts expecting a 25 basis point (BPS) cut and a boost to risk asset prices in the long term.Crypto prices are strongly correlated with liquidity cycles, Coin Bureau founder and market analyst Nic Puckrin said. However, while lower interest rates tend to raise asset prices long-term, Puckrin warned of a short-term price correction. “The main risk is that the move is already priced in, Puckrin said, adding, “hope is high and there’s a big chance of a ‘sell the news’ pullback. When that happens, speculative corners, memecoins in particular, are most vulnerable.”Read more
