Q: Is the Securities and Exchange Commission (SEC) really proposing a rule to require publicly traded companies to disclose detailed cybersecurity risk oversight policies and procedures, and to report cyber incidents within four business days? I'm concerned about this triggering new costs and enforcement risks.
A: For now, it's still…