The SEC, investment banks and other stakeholders are increasingly focused on cybersecurity in IPO companies given the potential financial, legal and reputational risks....more
The U.S. Securities and Exchange Commission (SEC) is becoming one of the federal agencies at the forefront of driving transparency, cybersecurity awareness and cyber incident reporting. As we reported in last year’s...more
Many companies are in the midst of preparing their year-end Annual Reports on Form 10-K and looking ahead to their annual meeting of shareholders. In addition to changes to rules, regulations and disclosure trends, the...more
As we bid farewell to 2024, we welcome not only another year but also several new disclosure requirements. In this Snapshot, we summarize several developments and best practices for public companies to consider as the 2024...more
This guide discusses important themes and trends for the coming annual reporting season. It also includes a “housekeeping checklist” designed to assist you as you prepare your annual report. ANNUAL CYBERSECURITY...more
On March 6, 2024, the Securities and Exchange Commission adopted its highly anticipated climate-related disclosure rules. The rules faced public scrutiny since their proposal two years ago, with the SEC receiving more than...more
On Wednesday, the SEC approved final rules for standardized climate-disclosure. A tabular summary of the final rules is available here. With two significant exceptions, the final rules are largely consistent with the proposed...more
On March 6, 2024, in a 3-2 vote, the US Securities and Exchange Commission (SEC) adopted final rules requiring registrants to disclose certain climate-related information in registration statements and annual reports. ...more
After a prolific year of rulemaking for the US Securities and Exchange Commission (SEC), public companies need to be aware of new disclosure requirements for their upcoming Form 10-K filings for the fiscal year ended 31...more
In July 2023, the SEC adopted new cybersecurity rules for the stated purpose of enhancing and standardizing disclosures regarding cybersecurity risk management, strategy, governance and incidents by public companies. The...more
In less than three months, public companies and certain foreign private companies will have to take additional steps after cybersecurity breaches: deciding whether an incident meets the materiality threshold that requires...more
On July 26, 2023, in a 3-2 vote, the Securities and Exchange Commission (the “SEC”) adopted new rules (the “Final Rules”) for public companies that will require disclosures regarding cybersecurity incidents, as well as...more
In the August edition of our Public Company Watch, we cover key issues impacting public companies, including the SEC’s enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and...more
Part I of this blog series discussed the compliance dates and the new definitions in the U.S. Securities Exchange Commission’s (the “SEC”) final rules (the “adopting release”) for cybersecurity disclosures. In Part II, we...more
Key Point: To avoid inadvertently increasing enforcement and litigation risks, companies should consider these suggestions to minimize headaches with the SEC’s final rules that mandate (a) disclosures in annual report of...more
Public companies will soon be required to provide increased transparency about cybersecurity incidents, risk management, strategy and governance as a result of new rules adopted by the Securities and Exchange Commission (the...more
The Securities and Exchange Commission (the “SEC”) issued a final rule on July 26, 2023 that will require public companies to disclose material cybersecurity incidents on Form 8-K within four business days of discovery. In...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules on July 26, 2023, requiring public companies to provide current disclosure, within what may be a short time window, about material cybersecurity incidents...more
Last week, a sharply divided U.S. Securities and Exchange Commission (“SEC”) significantly increased reporting requirements on public companies by adopting a Cybersecurity Risk Management, Strategy, Governance, and Incident...more
On July 26, 2023, the Securities and Exchange Commission (SEC) voted at an open meeting to adopt final rules to mandate standardized cybersecurity disclosures by public companies. The final rules will...more
On July 26, 2023, the Securities and Exchange Commission ("SEC"), in a 3-2 vote, adopted rules that will require public companies to make prescribed cybersecurity disclosures.1 The rules are designed to elicit "consistent,...more
The US Securities and Exchange Commission (SEC) adopted on July 26, 2023 final rules and amendments for mandating disclosure regarding cybersecurity risk management, strategy, governance, and incident reporting, including...more
Our Securities, Securities Litigation, and Privacy, Cyber & Data Strategy teams highlight the key aspects of the Securities and Exchange Commission’s final changes to its cybersecurity reporting rules for public companies...more
In Short - The Situation: On July 26, 2023, the U.S. Securities and Exchange Commission ("SEC") adopted final rules that significantly alter cybersecurity disclosure obligations for companies. The SEC's final rules adopt...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted amendments augmenting and standardizing required disclosures for public companies related to cybersecurity. The rules apply to all registrants, and...more