Cyber Reporting Requirements Keep Policyholders on Toes
Data privacy attorney Shardul Desai was quoted in an article published by Law360 about recent cyber reporting regulations and what this means for policyholders. President Joe Biden's recent signing of the Cyber Incident Reporting for Critical Infrastructure Act and the U.S. Securities and Exchange Commission's (SEC) proposal requiring stricter disclosures of cybersecurity and cyber incidents for public companies will push companies to increase their cyber resiliency. Mr. Desai said the SEC may not have fully appreciated the long-term litigation risks the proposed disclosure rules have created.
"Agencies need to think carefully about the impact that their proposed laws will have, the secondary or tertiary consequences that it will create, instead of trying to just address the immediate issue," he said.