Key Point: The decision making processes to determine whether a cybersecurity incident is material or not, should include documenting the factors behind each determination and should be practiced before an incident...more
8/23/2023
/ Cyber Incident Reporting ,
Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Form 8-K ,
Information Technology ,
Policies and Procedures ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Part I of this blog series discussed the compliance dates and the new definitions in the U.S. Securities Exchange Commission’s (the “SEC”) final rules (the “adopting release”) for cybersecurity disclosures. In Part II, we...more
Key Point: To avoid inadvertently increasing enforcement and litigation risks, companies should consider these suggestions to minimize headaches with the SEC’s final rules that mandate (a) disclosures in annual report of...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
8/16/2023
/ Customer Proprietary Network Information (CPNI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
FCC ,
Final Rules ,
Foreign Private Issuers ,
Form 8-K ,
Regulation S-K ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act