American banking and financial industry advocacy groups have petitioned the Securities and Exchange Commission to repeal its cybersecurity incident public disclosure requirements.
Five US banking groups led by the American Bankers Association asked the regulator to remove its rule in a May 22 letter, arguing that disclosing cybersecurity incidents “directly conflicts with confidential reporting requirements intended to protect critical infrastructure and warn potential victims.”
The group, which also included the Securities Industry and Financial Markets Association, the Bank Policy Institute, Independent Community Bankers of America and the Institute of International Bankers, claimed that the rule compromises regulatory efforts to enhance national cybersecurity.
The SEC’s Cybersecurity Risk Management rule, published in July 2023, requires companies to rapidly disclose cybersecurity incidents such as data breaches or hacks. However, the banking groups argue this rule was flawed from the start and has proven problematic in practice since taking effect.
The banking bodies said that the “complex and narrow disclosure delay mechanism” interferes with incident response and law enforcement and creates “market confusion” between mandatory and voluntary disclosures.
Public disclosure has also been “weaponized as an extortion method by ransomware criminals to further malicious objectives,” and premature disclosures worsen insurance and liability issues for companies and “risks chilling candid internal communications and routine information sharing,” the group claimed.
Some of the banking groups’ claims and fears regarding the ruling. Source: SIFMA
The groups specifically want “Item 1.05” to be rescinded from the SEC’s rules for Form 8-K reporting and parallel reporting requirements applicable to Form 6-K.
Form 8-K is used to publicly notify investors in US public companies of specified events, including cybersecurity incidents, that may be important to shareholders or the SEC.
“Critically, without Item 1.05, investor interests will still be protected, and we believe they would be better served through the pre-existing disclosure framework for reporting material information, which may include material cybersecurity incidents,” the groups stated.
The full petition included examples of confusion from participants, specific incidents of ransomware attacks and documented regulatory conflicts.
Public crypto companies impacted
The requirement also impacts publicly listed crypto companies such as Coinbase, which disclosed earlier this month that hackers had bribed its support staff to leak its user data.
The disclosure saw the company hit with at least seven lawsuits over the disclosure.
Coinbase said that it rejected a $20 million ransom demand after staff leaked user data in a major phishing attack, which the exchange said could cost it up to $400 million in damages.
If the SEC rescinds the requirement, it may give firms such as Coinbase more time to disclose cybersecurity incidents to the public.
The chief rabbi has described the BBC’s response to anti-IDF chanting at Glastonbury as “belated and mishandled” – as the punk-rap duo involved, Bob Vylan, said the UK government needed to talk about its “criminal inaction”.
Sir Ephraim Mirvis said “vile Jew-hatred” had been aired at the Somerset music festival and it was a “time of national shame”.
Confidence in the BBC’s “ability to treat antisemitism seriously” has been brought to a “new low”, he said in a post on X, adding that “outright incitement to violence and hatred” appeared to be acceptable if it was couched as “edgy political commentary”.
Ordinary people had not only failed to see incitement “for what it is” but had cheered it, chanted it, and celebrated it, he said. “Toxic Jew-hatred is a threat to our entire society,” he added.
Bob Vylan, posting a new statement on Instagram on Tuesday, said they were “not for the death of Jews, Arabs or any other race or group of people”.
Rather, they were for the “dismantling of a violent military machine” – the Israel Defence Forces.
Bob Vylan chanted “death to the IDF” at Glastonbury. As many as 95% of the IDF are thought to be Jewish.
In their statement, the group said they were a “distraction from the story” and that whatever “sanctions” they received would also be a distraction.
Their US visas have been revoked and United Talent Agency, their US representatives, have dropped them.
Image: Bob Vylan with their MOBO award in London in November 2022. Pic: Reuters
Referring to the war in Gaza, they claimed the UK government does not want them to ask “why they remain silent in the face of this atrocity”, “why they aren’t doing more to stop the killing” and “feed the starving”.
They added: “The more time they talk about Bob Vylan, the less time they spend answering for their criminal inaction.
“We are being targeted for speaking up. We are not the first, we will not be the last, and if you care for the sanctity of human life and freedom of speech, we urge you to speak up, too.”
It has emerged that Tim Davie, the BBC’s director-general, was at Glastonbury when the duo led chants of “Death to the IDF” which were broadcast live.
The prime minister’s spokesman, asked if the PM had confidence in Mr Davie, said Sir Keir Starmer had “confidence in the BBC”, adding: “The position of the director-general is a matter for the BBC’s board.”
Speaking in the Commons, Culture Secretary Lisa Nandy said “accountability” was important and it was something she had “impressed upon the BBC leadership”.
She added: “When you have one editorial failure, it’s something that must be gripped. When you have several, it becomes a problem of leadership.”
The cabinet minister said she’d called Mr Davie after Bob Vylan’s set had been broadcast to find out why it had aired, and why the feed had not been cut.
“I expect answers to these questions without delay,” she said.
Meanwhile Dame Caroline Dinenage, chair of the culture, media and sport committee, has written to Mr Davie in relation to the corporation’s Glastonbury coverage.
The committee has said the letter asks about editorial and decision-making processes and whether consideration was given to broadcasting with a delay. It also asks about staffing levels at the festival and contingency planning.
Image: Lisa Nandy, the culture secretary, has claimed there is a ‘problem of leadership’ at the BBC. File pic: PA
Avon and Somerset Police has begun a criminal investigation and is reviewing footage of both Bob Vylan and Kneecap’s performances at Glastonbury.
The force said a senior detective had been appointed – and it had been contacted by people from around the world.
“We… recognise the strength of public feeling,” it said.
During Kneecap’s set, one member suggested starting a “riot” outside his bandmate’s forthcoming court appearance, before clarifying that he meant “support”. Liam Og O hAnnaidh, also known as Mo Chara, is charged with a terror offence.
Image: Moglai Bap and Mo Chara of Kneecap performing at Glastonbury. Pic: Reuters
Bob Vylan had been due to tour the US before their visas were revoked.
US deputy secretary of state Christopher Landau said action had been taken “in light of their hateful tirade at Glastonbury, including leading the crowd in death chants”.
“Foreigners who glorify violence and hatred are not welcome visitors to our country,” he added.
Spotify
This content is provided by Spotify, which may be using cookies and other technologies.
To show you this content, we need your permission to use cookies.
You can use the buttons below to amend your preferences to enable Spotify cookies or to allow those cookies just once.
You can change your settings at any time via the Privacy Options.
Unfortunately we have been unable to verify if you have consented to Spotify cookies.
To view this content you can use the button below to allow Spotify cookies for this session only.
During Bob Vylan’s set, the duo performed in front of a screen that showed several messages, including one that claimed Israel’s actions in Gaza amounted to “genocide”.
The war in Gaza began after Hamas militants attacked Israel on 7 October 2023 and killed 1,200 people and took about 250 hostage.
Israel’s offensive in Gaza has led to the deaths of more than 56,500 people, according to the Hamas-run health ministry, which does not differentiate between civilians and combatants.
Media watchdog Ofcom has said the BBC “clearly has questions to answer” over the live stream from Glastonbury.
A BBC spokesperson said: “The director-general was informed of the incident after the performance and at that point he was clear it should not feature in any other Glastonbury coverage.”
The broadcaster respects freedom of expression but “stands firmly against incitement to violence”, they said.
They added: “The antisemitic sentiments expressed by Bob Vylan were utterly unacceptable and have no place on our airwaves…
“The team were dealing with a live situation, but with hindsight we should have pulled the stream during the performance. We regret this did not happen.”