On May 21, 2024, Erik Gerding, Director of the SEC’s Division of Corporation Finance, issued a statement regarding the disclosure of cybersecurity incidents on Form 8-K. In his statement, Director Gerding encourages companies...more
On April 15, 2024, Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, spoke at a compliance and enforcement conference regarding the challenges and potential missteps associated with the increased use of...more
The requirement to disclose material cybersecurity events under new Item 1.05 of Form 8-K takes effect today (other than for smaller reporting companies, for which the new requirement will take effect on June 15, 2024)....more
Public companies are required to make prompt public disclosures on Form 8-K about a large number of specified events. While Form 8-K does not mandate current reporting of all material events, it goes a long way toward...more
On October 30, 2023, the Securities and Exchange Commission (“SEC”), filed a complaint against SolarWinds Corp. (“SolarWinds” or the “Company”) for fraud and internal and disclosure controls failures relating to allegedly...more
Public companies will soon be required to provide increased transparency about cybersecurity incidents, risk management, strategy and governance as a result of new rules adopted by the Securities and Exchange Commission (the...more
8/14/2023
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
On July 26, 2023, in a 3-2 vote, the Securities and Exchange Commission (the “SEC”) adopted new rules for public companies that will require disclosures regarding cybersecurity incidents, as well as cybersecurity risk...more
7/31/2023
/ Corporate Governance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 10-K ,
Form 20-F ,
Form 8-K ,
New Rules ,
Publicly-Traded Companies ,
Risk Mitigation ,
Securities and Exchange Commission (SEC) ,
XBRL Filing Requirements
On June 22, 2023, Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, spoke on the topic of cyber resilience at the Financial Times Cyber Resilience Summit. Director Grewal defined cyber resilience as a guiding...more
On March 9, 2022, the SEC proposed rules, by a 3-1 vote, that are intended to enhance disclosures about cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed rules are...more
3/11/2022
/ Comment Period ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 10-K ,
Form 8-K ,
Investment Adviser ,
Investment Companies ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Mitigation ,
Securities and Exchange Commission (SEC)
The SEC continued its recent run of rulemaking activity with two sets of amendments last week that impact reporting by public companies. On Tuesday, November 17, the SEC announced that it will begin to permit the use of...more
Always a fertile source of regulatory perspective, this year’s Baruch College Financial Reporting Conference featured a future-oriented theme in remarks by Chief Accountant of the Securities and Exchange Commission Wesley...more
5/15/2019
/ Accounting Standards ,
Audit Committee ,
Corporate Governance ,
Cybersecurity ,
FASB ,
Financial Reporting ,
ICFR ,
Independent Audits ,
Internal Controls ,
PCAOB ,
Professional Conferences ,
Publicly-Traded Companies ,
Regulatory Standards ,
Securities and Exchange Commission (SEC)
Yesterday, the Securities and Exchange Commission released an investigative report regarding its investigation into whether nine public companies that were victims of cyber-related frauds violated federal securities laws by...more
The IPO market produced 142 IPOs in 2017, a total that was 45% higher than the 98 IPOs in 2016 and just shy of the 152 IPOs in 2015, but still lower than the annual average of 155 IPOs over the five-year period from 2011 to...more
Cybersecurity is one of the highest priority issues for public company executives and directors. This note shares our views—developed over our involvement in the aftermath of many cybersecurity events as well as counseling on...more
Cybersecurity continues to emerge as a key risk that is attracting the attention of regulators and boards of directors. Companies take different approaches regarding how the board fulfills its oversight duty with respect to...more