The SEC, investment banks and other stakeholders are increasingly focused on cybersecurity in IPO companies given the potential financial, legal and reputational risks....more
The U.S. Securities and Exchange Commission (SEC) is becoming one of the federal agencies at the forefront of driving transparency, cybersecurity awareness and cyber incident reporting. As we reported in last year’s...more
This guide discusses important themes and trends for the coming annual reporting season. It also includes a “housekeeping checklist” designed to assist you as you prepare your annual report. ANNUAL CYBERSECURITY...more
On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) adopted final rules relating to enhanced cybersecurity disclosures, which became effective on September 5, 2023 (the “Final Rules”). Beginning in December...more
In July 2023, the SEC adopted new cybersecurity rules for the stated purpose of enhancing and standardizing disclosures regarding cybersecurity risk management, strategy, governance and incidents by public companies. The...more
In less than three months, public companies and certain foreign private companies will have to take additional steps after cybersecurity breaches: deciding whether an incident meets the materiality threshold that requires...more
On July 26, 2023, in a 3-2 vote, the Securities and Exchange Commission (the “SEC”) adopted new rules (the “Final Rules”) for public companies that will require disclosures regarding cybersecurity incidents, as well as...more
In the August edition of our Public Company Watch, we cover key issues impacting public companies, including the SEC’s enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and...more
Part I of this blog series discussed the compliance dates and the new definitions in the U.S. Securities Exchange Commission’s (the “SEC”) final rules (the “adopting release”) for cybersecurity disclosures. In Part II, we...more
Key Point: To avoid inadvertently increasing enforcement and litigation risks, companies should consider these suggestions to minimize headaches with the SEC’s final rules that mandate (a) disclosures in annual report of...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
Public companies will soon be required to provide increased transparency about cybersecurity incidents, risk management, strategy and governance as a result of new rules adopted by the Securities and Exchange Commission (the...more
The Securities and Exchange Commission (the “SEC”) issued a final rule on July 26, 2023 that will require public companies to disclose material cybersecurity incidents on Form 8-K within four business days of discovery. In...more
Companies will soon face new reporting requirements with respect to cybersecurity incidents and governance after the US Securities and Exchange Commission (SEC) adopted final rules on 26 July 2023. The final rules supplement...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules on July 26, 2023, requiring public companies to provide current disclosure, within what may be a short time window, about material cybersecurity incidents...more
Last week, a sharply divided U.S. Securities and Exchange Commission (“SEC”) significantly increased reporting requirements on public companies by adopting a Cybersecurity Risk Management, Strategy, Governance, and Incident...more
On July 26, 2023, the Securities and Exchange Commission (SEC) voted at an open meeting to adopt final rules to mandate standardized cybersecurity disclosures by public companies. The final rules will...more
On July 26, 2023, the Securities and Exchange Commission ("SEC"), in a 3-2 vote, adopted rules that will require public companies to make prescribed cybersecurity disclosures.1 The rules are designed to elicit "consistent,...more
The US Securities and Exchange Commission (SEC) adopted on July 26, 2023 final rules and amendments for mandating disclosure regarding cybersecurity risk management, strategy, governance, and incident reporting, including...more
Our Securities, Securities Litigation, and Privacy, Cyber & Data Strategy teams highlight the key aspects of the Securities and Exchange Commission’s final changes to its cybersecurity reporting rules for public companies...more
In Short - The Situation: On July 26, 2023, the U.S. Securities and Exchange Commission ("SEC") adopted final rules that significantly alter cybersecurity disclosure obligations for companies. The SEC's final rules adopt...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted amendments augmenting and standardizing required disclosures for public companies related to cybersecurity. The rules apply to all registrants, and...more
Public companies will soon face new cybersecurity disclosure requirements from the Securities and Exchange Commission (SEC), which voted last week to approve a controversial new cybersecurity rule. The final rule—which is...more
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted rules imposing significant new disclosure requirements regarding cybersecurity risk management, strategy and governance and incident reporting by public...more
On July 26, the U.S. Securities and Exchange Commission adopted rules to enhance and standardize public company disclosure of cybersecurity incidents, risk management, strategy and governance. In particular, the rules,...more