Jonathan Wolfman on Cyber Incident Reporting

SEC Staff Clarifies Form 8-K Item 1.05 is for Cybersecurity Incidents that are Determined to be Material

On May 21, 2024, Erik Gerding, Director of the SEC’s Division of Corporation Finance, issued a statement regarding the disclosure of cybersecurity incidents on Form 8-K. In his statement, Director Gerding encourages companies...more

5/23/2024 / Corporate Governance , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Form 8-K , Materiality , Publicly-Traded Companies , Securities and Exchange Commission (SEC)

It’s December 18, 2023: Do You Know Where Your Cybersecurity Disclosure Controls and Procedures Are

The requirement to disclose material cybersecurity events under new Item 1.05 of Form 8-K takes effect today (other than for smaller reporting companies, for which the new requirement will take effect on June 15, 2024)....more

12/18/2023 / Corporate Governance , Cyber Incident Reporting , Cybersecurity , Data Breach , Disclosure Requirements , Form 8-K , Publicly-Traded Companies , Reporting Requirements , Securities and Exchange Commission (SEC) , Securities Regulation

Keeping Current With Form 8-K: A Practical Guide - October 2023

Public companies are required to make prompt public disclosures on Form 8-K about a large number of specified events. While Form 8-K does not mandate current reporting of all material events, it goes a long way toward...more

11/16/2023 / Corporate Governance , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Form 8-K , Internal Controls , Publicly-Traded Companies , Reporting Requirements , Risk Management , Securities and Exchange Commission (SEC)

Preparing for New Cybersecurity Disclosures

Public companies will soon be required to provide increased transparency about cybersecurity incidents, risk management, strategy and governance as a result of new rules adopted by the Securities and Exchange Commission (the...more

8/14/2023 / Corporate Governance , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Final Rules , Form 8-K , Publicly-Traded Companies , Regulation S-K , Reporting Requirements , Risk Management , Securities and Exchange Commission (SEC) , Securities Regulation

SEC Adopts Cybersecurity Disclosure Rules

On July 26, 2023, in a 3-2 vote, the Securities and Exchange Commission (the “SEC”) adopted new rules for public companies that will require disclosures regarding cybersecurity incidents, as well as cybersecurity risk...more

7/31/2023 / Corporate Governance , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Form 10-K , Form 20-F , Form 8-K , New Rules , Publicly-Traded Companies , Risk Mitigation , Securities and Exchange Commission (SEC) , XBRL Filing Requirements

Remarks of SEC Enforcement Director on Cyber Resilience

On June 22, 2023, Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, spoke on the topic of cyber resilience at the Financial Times Cyber Resilience Summit. Director Grewal defined cyber resilience as a guiding...more

7/7/2023 / Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Enforcement , Publicly-Traded Companies , Securities and Exchange Commission (SEC)

SEC Proposes New Public Company Cybersecurity Disclosure Rules

On March 9, 2022, the SEC proposed rules, by a 3-1 vote, that are intended to enhance disclosures about cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed rules are...more

3/11/2022 / Comment Period , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Form 10-K , Form 8-K , Investment Adviser , Investment Companies , Proposed Rules , Publicly-Traded Companies , Regulation S-K , Risk Mitigation , Securities and Exchange Commission (SEC)

Jonathan Wolfman

WilmerHale

Popular Topics by This Author

Latest Posts › Cyber Incident Reporting