News & Analysis as of

Final Rules Cyber Incident Reporting

Keating Muething & Klekamp PLL

Pay vs. Performance and Cybersecurity Disclosure Rules: Will the SEC Retract Rulemaking?

On March 31, 2025, members of the U.S. House of Representatives Committee on Financial Services sent a letter to Mark Uyeda, Acting Chairman of the U.S. Securities and Exchange Commission. Seeking to “undo the damage from...more

Blank Rome LLP

Cybersecurity in the Marine Transportation System: What You Need to Know About the Coast Guard's Final Rule

Blank Rome LLP on

The U.S. Coast Guard (“USCG”) published a final rule on January 17, 2025, addressing Cybersecurity in the Marine Transportation System (the “Final Rule”), which seeks to minimize cybersecurity related transportation security...more

Bass, Berry & Sims PLC

Final Rule Expands Defense Industrial Base Cybersecurity Program Eligibility Criteria

On March 12, the Department of Defense (DOD) promulgated a final rule that expands the eligibility criteria for the Defense Industrial Base (DIB) Cybersecurity Program, a voluntary initiative aimed at bolstering the DIB’s...more

Goodwin

DoD Significantly Expands Voluntary Cybersecurity Program for Defense Contractors

Goodwin on

The U.S. Department of Defense (DoD) published a finalized rule on March 12, 2024, which expands access to defense contractors who wish to participate in the Defense Industrial Base (DIB) Cybersecurity (CS) Program....more

Burr & Forman

Cyber Incident Reporting Obligations for Public Companies under the SEC’s New Cybersecurity Rules

Burr & Forman on

The U.S. Securities Exchange Commission (SEC) recently adopted a final rule regarding cybersecurity risk management, governance, and incident reporting. The final rule went into effect on September 5, 2023, and disclosure...more

Polsinelli

The SEC Raises the Stakes: New Cybersecurity Rules for Publicly Traded Companies Hit the Books in 2023

Polsinelli on

In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more

Mayer Brown Free Writings + Perspectives

Cybersecurity Disclosure and Compliance & Disclosure Interpretations

Recently, in advance of the effective date (December 18, 2023), the Director of the SEC’s Division of Corporation Finance provided additional guidance regarding the final rules relating to cybersecurity incident disclosure...more

Davis Wright Tremaine LLP

Broker Dealer Regulatory Digest - October 2023

Editor's Note - The following newsletter provides a roundup summarizing enforcement actions, guidance, rulemakings, and other public statements taken by a federal and/or state financial services regulatory agency,...more

Woods Rogers

Examining Materiality and Cybersecurity Incidents: Practical Tips for Implementing the New SEC Rules

Woods Rogers on

Publicly traded companies have tangled with the question of when a cybersecurity incident should be disclosed to the public and investors. In a bid to add clarity to the topic, the U.S. Securities and Exchange Commission...more

Parker Poe Adams & Bernstein LLP

Next Steps for Companies Ahead of December Deadline for SEC Cybersecurity Disclosures

In less than three months, public companies and certain foreign private companies will have to take additional steps after cybersecurity breaches: deciding whether an incident meets the materiality threshold that requires...more

Ankura

[Webinar] SEC New Cybersecurity Final Rule: A Different Perspective from the Viewpoints of the CISO, General Counsel, & The Board...

Ankura on

Any time a regulation is put forth, there is always a level of uncertainty, especially regarding understanding the roles and responsibilities of key business leaders. The SEC’s new cybersecurity final rule means heightened...more

Kelley Drye & Warren LLP

SEC Issues Final Rules on Cybersecurity Disclosures

On July 26, 2023, in a 3-2 vote, the Securities and Exchange Commission (the “SEC”) adopted new rules (the “Final Rules”) for public companies that will require disclosures regarding cybersecurity incidents, as well as...more

Stikeman Elliott LLP

SEC Adopts New Cybersecurity Disclosure Rules for U.S. Public Companies and Foreign Private Issuers

Stikeman Elliott LLP on

The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more

Venable LLP

Key Actions for Public Companies under the SEC's New Cybersecurity Rules

Venable LLP on

On July 26, 2023, the Securities Exchange Commission (SEC) adopted a final rule intended to augment and standardize disclosures regarding cybersecurity risk management, governance, and incident reporting. The new rule imposes...more

The Volkov Law Group

Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules

The Volkov Law Group on

In late July 2023, the Securities and Exchange Commission (“SEC”) adopted new rules requiring public companies to disclose cybersecurity incidents and cybersecurity governance policies and practice.  The SEC largely adopted...more

Bracewell LLP

SEC Cybersecurity Reporting Requirements for Public Companies: Applying Old Standards to New Risks

Bracewell LLP on

On July 26, 2023, the Securities and Exchange Commission (“SEC”) issued a final rule that requires registrants to provide enhanced and standardized disclosures regarding “cybersecurity risk management, strategy, governance...more

Holland & Knight LLP

SEC Cybersecurity Rules: Considerations for Incident Response Planning

Holland & Knight LLP on

The new Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules (Final Rules) adopted by the U.S. Securities and Exchange Commission (SEC) were published in the Federal Register on Aug. 4, 2023, and...more

Dechert LLP

SEC Final Rule Exempts ABS Issuers from New Cybersecurity Disclosure and Reporting Requirements

Dechert LLP on

ABS issuers have been exempted from the U.S. Securities and Exchange Commission's (“SEC”) final rule requiring certain cybersecurity risk and incident disclosure (the “Final Rule”). The SEC left open the possibility of...more

Epiq

Breaking Down the New SEC Cybersecurity Rules

Epiq on

On July 26, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules. Organizations will need to disclose material cyber incidents pursuant to a prescribed timeline and information regarding risk...more

Husch Blackwell LLP

SEC Heightens Issuers' Cybersecurity Disclosure Requirements

Husch Blackwell LLP on

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more

Woodruff Sawyer

Roadmap for Plaintiffs or Boon for Investors: The SEC’s New Cyber Rules

Woodruff Sawyer on

They’re here. No, not poltergeists. Just the Securities and Exchange Commission’s new cyber disclosure rules. While implementing them will be challenging, and new, serious risks will emerge, the rules are now final and public...more

Wyrick Robbins Yates & Ponton LLP

SEC Adopts Final Cybersecurity Rules

Following up on our previous report from almost a year ago, the U.S. Securities and Exchange Commission (the “SEC” or “Commission”) has adopted final rules intended to enhance and standardize disclosures regarding...more

WilmerHale

Preparing for New Cybersecurity Disclosures

WilmerHale on

Public companies will soon be required to provide increased transparency about cybersecurity incidents, risk management, strategy and governance as a result of new rules adopted by the Securities and Exchange Commission (the...more

Hogan Lovells

SEC adopts significant new cybersecurity disclosure requirements

Hogan Lovells on

On July 26, the SEC adopted amendments to Regulation S-K and Exchange Act forms requiring public companies to disclose on a current basis material cybersecurity incidents and to disclose annually information regarding their...more

Shook, Hardy & Bacon L.L.P.

SEC Issues Rules on Cybersecurity Reporting Obligations

On July 26, the Securities and Exchange Commission (SEC) issued new rules adding cybersecurity disclosures for public companies in three areas: cybersecurity incidents, governance, and risk management and strategy. The new...more

72 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide