Last month, the U.S. Securities and Exchange Commission issued a proposal to enhance and standardize disclosure requirements related to cybersecurity incident reporting and cybersecurity risk management, strategy, and governance. Among other changes, the SEC’s proposal would require disclosure about material cybersecurity incidents within four business days and require annual disclosure regarding a registrant’s policies and…