Clayton’s warning came with the unveiling of new SEC cyber guidance approved by the Commission Tuesday.
“Companies are well served by considering the ramifications of directors, officers, and other corporate insiders trading in advance of disclosures regarding cyber incidents that prove to be material,” said the Commission in the guidance.
The Commission cautioned firms that failure to disclose cybersecurity risks or incidents adequately could put them in danger of running afoul of anti-fraud laws.
Like so many of the categories of information, the SEC guidance directs companies to make public, the chief obligation in in the cyber realm is information the agency believes is material.
The regulator said cyberrisk and hacking developments are material if there is a substantial likelihood that a reasonable investor would consider the information important in making an investment decision.
In the guidance, the agency said companies can be right to keep some cybersecurity measures secret that would provide a roadmap for hackers. More at Forbes: