Over the past two years, the U.S. Securities and Exchange Commission’s Division of Corporation Finance (Corp Fin) has highlighted the importance of cybersecurity disclosures in filings with the SEC. Corp Fin’s initiative appears likely to stay steady and even to escalate. Proper attention to cybersecurity disclosures can help a company avoid a comment letter on this issue from Corp Fin and decrease the likelihood of facing a securities class action or shareholder derivative action, or both, in the wake of a cyber attack or data breach.
Corp Fin's Disclosure Guidance -
With cybersecurity garnering more attention, in October 2011 Corp Fin issued “disclosure guidance” regarding cybersecurity disclosures. Corp Fin stated that its intent was to assist companies “in assessing what, if any, disclosures should be provided about cybersecurity matters in light of each company’s specific facts and circumstances.”
Originally published in Law360 on November 1, 2013.
Please see full publication below for more information.