For over a decade, the Security and Exchange Commission (SEC) has been working with corporations and their many stakeholders to seek ways to appropriately influence corporate governance around cybersecurity. On 26 July 2023, the SEC voted to implement new rules for all publicly traded corporations.[1] [2]
In 2011, the SEC issued guidance to help companies understand they should take responsibility for reducing cyber risk. This was guidance vice formal regulation, but it helped raise awareness
