SEC says new guidelines on reporting data breaches are coming

11/09/17 09:18 PM EST

By Ezequiel Minaya

Companies also advised to examine insider-trading policies in regards to cyberattacks

A senior Securities and Exchange Commission regulator said Thursday that public companies will soon face new guidelines for how they report cybersecruity breaches to investors.

The agency will probably update directions that it gave to companies over six years ago, before the spate of high-profile breaches, including at the SEC itself and Equifax, Inc. (EFX) , the credit-reporting firm with access to sensitive financial details for millions of consumers.

Read: Equifax wipes away breach charges to claim an earnings beat (

Among the issues that the commission should tackle are updating guidance on describing the level of cyberintrusion that demands a public disclosure, in the face of the numerous attacks against companies, said William Hinman, the SEC's recently installed director of corporation finance.

Hinman also advised companies to examine their own policies for insider trading following a cyberbreach. "I think this issue is important enough, wide-ranging enough that we should tackle it at the commission level," Hinman said. "I think it would be wise for folks to examine their insider trader policies in connection," to a systems breach, he added.

An expanded version of this report appears on (

Also popular on

How an American family escaped pirates in the Amazon (

A Harvey Weinstein operative played another role (

-Ezequiel Minaya ; 415-439-6400;


(END) Dow Jones Newswires

11-09-17 2118ET

Copyright (c) 2017 Dow Jones & Company, Inc.