US public companies, including listed crypto firms, must now disclose major cybersecurity incidents within four days, according to new rules from the Securities and Exchange Commission (SEC). Effective 30 days after publication in the Federal Register, the rules aim to strengthen cybersecurity risk management measures for the benefit of investors. Publicly-listed crypto firms such as Coinbase, Marathon Digital, Riot Blockchain, and Hive Digital Technologies will be affected by these regulations. The SEC cited the increase in digital payments and digitized operations, along with the ability of criminals to monetize cybersecurity incidents, as reasons for the new rules.