In March 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. This thought pieces discusses these proposed rules and gives examples of corporate cybersecurity disclosures to date.