However, recognizing that state and local officials should be kept
informed about cybersecurity risks to election infrastructure, we are working with them to refine our processes for sharing this information while protecting the integrity of investigations and the confidentiality of system owners.
«[T] he Commission believes that it is critical that public companies take all required actions to
inform investors
about material
cybersecurity risks and incidents in a timely fashion,» the report states, «including those companies that are subject to material
cybersecurity risks but may not yet have been the target of a cyber-attack.»