Yesterday, the Securities and Exchange Commission voted unanimously to approve a statement and interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.
via SEC Adopts Statement and Interpretive Guidance on Public Company Cybersecurity Disclosures.