The SEC’s Director of Corporation Finance, Erik Gerding, recently issued two statements regarding a public company’s disclosure obligations in response to a cybersecurity incident. These remarks follow the adoption of the...more
6/27/2024
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
Form 8-K ,
Publicly-Traded Companies ,
Regulatory Requirements ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
SolarWinds ,
Technology
On May 7, 2024, the White House Office of the National Cyber Director (ONCD) released several reports on the United States’ cybersecurity posture and strategic plan. These documents implement the 2023 National Cybersecurity...more
5/15/2024
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Legislative Agendas ,
New Legislation ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Strategic Planning
On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), an operational component of the Department of Homeland Security (DHS), posted for public inspection its long-anticipated notice of proposed...more
4/3/2024
/ Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Retention ,
Enforcement ,
Information Sharing ,
New Rules ,
Proposed Rules ,
Recordkeeping Requirements ,
Reporting Requirements
On July 25, 2023, the US Securities and Exchange Commission (the SEC), by a 3-2 vote, adopted final rules regarding cybersecurity risk management, strategy, governance and incident reporting by public companies (the Final...more
8/7/2023
/ Compliance ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
FCC ,
Filing Deadlines ,
Final Rules ,
Popular ,
Proposed Rules ,
Publicly-Traded Companies ,
Reporting Requirements ,
Required Forms ,
Securities and Exchange Commission (SEC) ,
XBRL Filing Requirements
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
7/11/2023
/ Amended Rules ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Disclosure Requirements ,
Enforcement Actions ,
Financial Institutions ,
Incident Response Plans ,
Personal Data ,
Policies and Procedures ,
Publicly-Traded Companies ,
Risk Management ,
Securities and Exchange Commission (SEC)
On March 1, 2023, the White House released a new National Cybersecurity Strategy (the Strategy) documenting the Biden-Harris administration’s approach to improving cybersecurity across the digital ecosystem. The Strategy...more