Draft 2024 Cybersecurity Disclosure (CYD) Taxonomy

The Commission adopted rules requiring registrants to periodically disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. See https://www.sec.gov/files/rules/final/2023/33-11216.pdf. As part of the adopted rules, the Commission requires registrants to report and disclose cybersecurity information using Inline eXtensible Business Reporting Language (XBRL). The elements needed to tag this information are in the new draft Cybersecurity Disclosure (CYD) taxonomy.

A draft version of the CYD taxonomy has been posted, and the files are available at https://www.sec.gov/structureddata/dera_taxonomies. Please provide comments to StructuredData@sec.gov by August 23, 2024. Include “Draft 2024 CYD Taxonomy” in the subject header.