The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
1/7/2025
/ Chief Information Security Officer (CISO) ,
Compliance ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
Form 10-K ,
Form 8-K ,
Materiality ,
NIST ,
Publicly-Traded Companies ,
Risk Management ,
Securities and Exchange Commission (SEC)
In July 2023, the SEC adopted new cybersecurity rules for the stated purpose of enhancing and standardizing disclosures regarding cybersecurity risk management, strategy, governance and incidents by public companies. The...more
10/27/2023
/ Compliance ,
Compliance Dates ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 8-K ,
Materiality ,
Popular ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
One of the first questions companies ask us when we are hired to help them respond to a new security incident is how fast they have to notify if the investigation shows that a “breach” occurred. Except for a couple of states...more
The Federal Financial Institutions Examination Council (FFIEC) released for comment on January 17 its proposed Social Media: Consumer Compliance Risk Management Guidance. There is a 60-day comment period. The purpose of the...more