Dark Reading: Back in July, the Securities and Exchange Commission (SEC) adopted a rule "requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance."