The U.S. Securities and Exchange Commission (“SEC”) earlier this year adopted rules requiring public companies to provide enhanced disclosure of material cybersecurity incidents, as well as cybersecurity risk management,...more
The Securities and Exchange Commission (“SEC”) has proposed rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and cybersecurity incident reporting by public companies...more
It seems to be a very simple question that does not always produce a clear-cut response. A group of high profile executives, including CEOs of major US corporations, tried to reach consensus on commonsense principles that are...more
PricewaterhouseCoopers LLP (PwC) and Investor Responsibility Research Center Institute (IRRCi) have weighed in on the cybersecurity issue from an investor’s point of view in their paper called What investors need to know...more
On June 10, 2014, Commissioner Luis A. Aguilar spoke at a NYSE conference, “Cyber Risks and the Boardroom,” about what boards of directors should do to ensure that their companies are appropriately considering and addressing...more