On February 21, the SEC adopted new interpretive guidance (the Guidance) to assist public companies in preparing disclosures about cybersecurity risks and incidents.