While the SEC’s adoption of cybersecurity disclosure requirements last month was a long time in the making, that actual adoption of the rules and the relatively short compliance deadlines seems to have prompted some level of panic at public companies. Based on how the final rules came out, I hope to offer some reassuring words that your path to compliance with these requirements can build on your pre-existing efforts rather than recreating the wheel. To that end, I ask and answer some of the questions that have been emerging about the new rules. Please read them and take a few deep breaths.
Source: Cybersecurity Disclosure Rules: Don’t Panic! : TheCorporateCounsel.net Blog