Public crypto companies must disclose cybersecurity incidents, per new SEC rules

The new rules add a layer of transparency for investors to see when a public company, such as Coinbase or MicroStrategy, has faced a cybersecurity incident

article-image

Michael Traitov/Shutterstock modified by Blockworks

share

The US Securities and Exchange Commission is requiring public companies, including public crypto companies, to disclose cybersecurity incidents.

The new rule, adopted on Wednesday, aims to ensure that investors receive potentially “material” information when a company has been attacked. 

“Currently, many public companies provide cybersecurity disclosure to investors. I think companies and investors alike, however, would benefit if this disclosure were made in a more consistent, comparable, and decision-useful way. Through helping to ensure that companies disclose material cybersecurity information,” SEC Chair Gary Gensler said. 

Companies such as Coinbase, Marathon Holdings, Bitdeer and MicroStrategy will be impacted by the new SEC rules. 

“There has been a substantial rise in the prevalence of cybersecurity incidents, propelled by several factors: the increase in remote work spurred by the COVID-19 pandemic; the increasing reliance on third-party service providers for information technology services; and the rapid monetization of cyberattacks facilitated by ransomware, black markets for stolen data, and crypto-asset technology,” the SEC noted.

The SEC added that “evidence suggests” that companies are “underreporting cybersecurity risks.”

The new rule change will make it necessary for companies to give clear and specific information about any incidents that occur. This information will include details about when the incident happened, how it affected the company and its users, whether any data was stolen or accessed, and updates on whether the company has remediated the situation. All of this will be included in a new item, dubbed 1.05, included on 8K forms. 

Public companies will also have to “describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, as well as the material effects or reasonably likely material effects of risks from cybersecurity threats and previous cybersecurity incidents” on Regulation S-K. 

8K forms give investors updates on big changes at listed companies. 

The change comes as the SEC’s chief accountant warned that accounting firms working as auditors for the crypto industry need to be mindful of anti-fraud laws. 

SEC Commissioner Hester Peirce, who has shown support for crypto in the past, tweeted that “crypto platforms [and] their accountants should be clear about what proof of reserves is and isn’t,” but she warned against discouraging “good-faith efforts to provide more transparency.”


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

kamino cover.jpg

Research

Kamino has solidified its position as the leading money market on Solana and is emerging as a DeFi bluechip. Although DeFi competition is fierce, Kamino has kept iterating on its product to provide the best-in-class UX, paired with a robust risk management framework and battle-tested infrastructure. Given the rollout of Kamino Lend V2, the protocol may scale aggressively over the coming months, penetrating previously untapped markets in Solana DeFi.

article-image

Also in the tokenized fund space, Franklin Templeton launches on Base and Securitize hits $1 billion in tokenized RWA onchain

article-image

It turns out that bitcoin never actually hit an all-time high in March. Thanks a lot, inflation.

article-image

Spire, Citrea and Nillion also announced raises this week

article-image

The latest recipient of an SEC Wells notice is a Web3 gaming company

article-image

Thursday’s selloff was led by tech stocks, triggered by disappointing outlooks from giants Meta and Microsoft

article-image

Historically, positive returns have been a bit more of a toss-up during the year’s 11th month