Companies and CISOs are finding it challenging to meet SEC disclosure rules within the required four days post-breach, leading to changes in third-party agreements, concerns about CISO accountability, and fear of fines, with larger firms better prepared than smaller ones in dealing with incident materiality. ```
https://www.darkreading.com/cybersecurity-operations/cisos-and-their-companies-struggle-to-comply-with-sec-disclosure-rules