The Securities and Exchange Commission issued a final rule effective on September 5, 2023, relating to cybersecurity risk management, strategy, governance, and incidents by public companies that are subject to reporting requirements under the Securities Exchange Act.