The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
As we bid farewell to 2024, we welcome not only another year but also several new disclosure requirements. In this Snapshot, we summarize several developments and best practices for public companies to consider as the 2024...more
On October 22, 2024, the Securities and Exchange Commission (SEC) announced that it had charged four companies with making materially misleading disclosures regarding cybersecurity risks and intrusions, with one company also...more
The FAQs offer practical advice for listed companies implementing compliant policies. Key Points: ..By December 1, 2023, all companies listed on the NYSE or Nasdaq must adopt clawback policies that comply with listing...more
Key Point: The decision making processes to determine whether a cybersecurity incident is material or not, should include documenting the factors behind each determination and should be practiced before an incident occurs. ...more
The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: ..current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and ...more
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted final rules, rule amendments and form amendments to expand and standardize disclosures regarding cybersecurity risk management, strategy, governance,...more
Corporate risk and compliance officers already labor under an influx of concerns related to cybersecurity, so you might have missed this latest news: the U.S. Securities and Exchange Commission has proposed new rules for more...more
On March 9, 2022, the Securities and Exchange Commission (SEC) announced proposed rules requiring publicly listed companies to make several specific disclosures related to cybersecurity incidents and the registrant's...more
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed a number of new rules to enhance public companies’ reporting of (i) cybersecurity incidents, (ii) their policies and procedures for identifying and...more
On March 9, 2022, the SEC released proposed rules intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and cyber incident reporting by companies that are subject to the...more
On March 9, 2022, the SEC proposed new requirements for reporting of material cybersecurity incidents in 8-Ks and periodic reports as well as disclosure of board and management roles with respect to cybersecurity and of...more
On December 4, 2020, the SEC brought its first case charging a public company, The Cheesecake Factory, with making misleading disclosures about the effects of COVID-19 on its business operations and financial condition. The...more
SEC Adopts Hedging Rules, Extends Regulation A to all Public Companies and Solicits Comments on Earnings Releases and Quarterly Reports. SEC Adopts Rules for Public Companies to Use Regulation A - Keeping up with the...more
This week, the U.S. Securities and Exchange Commission (SEC) issued its first formal interpretative release on public company disclosure obligations relating to cybersecurity since the SEC Division of Corporation Finance’s...more