What is non-GAAP?
The SEC continues to leave its mark as a federal cybersecurity enforcer and closed out the year by charging another company with making misleading statements about a cybersecurity attack and failing to maintain cyber-related...more
On July 26, 2023, the SEC adopted new cybersecurity rules, which have two top-line impacts. First, registrants must disclose material cybersecurity incidents promptly on Form 8-K. Second, registrants must disclose new...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted its long-anticipated cybersecurity reporting rule (the “Final Rule”). The Final Rule applies to public companies subject to the reporting requirements...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
The Securities and Exchange Commission (“SEC”) has admonished companies to report material cybersecurity incidents in their public filings since 2011, but this week the SEC announced a new rule actually requiring disclosure...more
As part of the SEC's broader rulemaking initiative, on March 9, 2022, the SEC proposed amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by...more
One thing I appreciate about the SEC comment letter process is that it gives real life examples to what is often discussed hypothetically. Take, for example, cybersecurity and steps management should take when a data incident...more
On April 24, 2018, the United States Securities and Exchange Commission (“SEC”) instituted a settled administrative proceeding against Altaba Inc., f/d/b/a Yahoo! Inc. (“Yahoo!”) for allegedly failing to disclose a...more
On April 24, 2018, the Securities and Exchange Commission announced a settled enforcement proceeding against Altaba Inc. (formerly known as Yahoo! Inc.) arising out of data breaches suffered by Yahoo in 2014, 2015 and 2016....more
Despite focused media coverage and a steady increase in the number of data breaches involving public companies, there has not been a corresponding increase in shareholder securities fraud and shareholder derivative claims...more
The SEC's new guidance on public company cybersecurity disclosures and Chairman Clayton's accompanying statement emphasize the SEC's expectations that public companies: (i) implement comprehensive cybersecurity policies that...more