WASHINGTON—The U.S. securities regulator is considering extending cyber risk management rules to third-party service providers, and beefing up public company disclosures when they experience a breach, the head of the Securities and Exchange Commission (SEC) said on Monday.
Gary Gensler, in an address to securities industry professionals, mapped out a sweeping overhaul of SEC cyber rules, including changes to how stock exchanges and clearinghouses mitigate, and report on cyber risk under the Regulation “Systems Compliance and Integrity” (SCI) aimed at reducing systems issues and improving resilience.
