A Practical Guide to Implementing SEC Guidance on Disclosure of Cybersecurity Risks and Cyber Incidents


Recent, high-profile cyber attacks and cybersecurity lapses have resulted in a serious focus on cybersecurity from the Obama administration, the Senate and the SEC. In the past year, there were reports of cyber thieves hacking corporate networks to steal customer data from financial services firms and retailers, intellectual property from life sciences, technology and industrial companies and information regarding the location of major oil reserve from multinational oil companies. This proliferation of cyber attacks led to five U.S. senators writing to SEC Chairwoman Mary Schapiro asking the SEC to develop and publish interpretive guidance on the disclosure of cybersecurity risks by public companies. The SEC’s Division of Corporation Finance staff did so in October 2011 (www.sec.gov/divisions/corpfin/guidance/cfguidancetopic2. htm).

Corp Fin’s guidance is not a new disclosure rule, nor does it give the SEC specific authority to regulate a company’s cybersecurity policy. Rather, the guidance is a clarification of existing disclosure obligations; and with 10-Ks due soon for a number of public companies, now is the time to understand and consider the disclosure impact of this guidance....

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.