Session Abstract: In March 2022, the Securities and Exchange Commission announced proposed changes to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting. Finalized in [April 2023], many have focused on the new timelines for disclosing significant cyber incidents. But there are also new disclosure requirements related to cybersecurity risk management governance, strategy, and policies and procedures, as well as board cybersecurity expertise. Learn what the rules require and how cybersecurity professionals can help their companies comply.