The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
The Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies (the “Cybersecurity Rules”), which the Securities and Exchange Commission (SEC) had adopted earlier this year,...more
A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth...more
The U.S. Securities and Exchange Commission (“SEC”) earlier this year adopted rules requiring public companies to provide enhanced disclosure of material cybersecurity incidents, as well as cybersecurity risk management,...more
Earlier this week, the SEC accused SolarWinds Corporation (“SolarWinds” or the “Company”) and its Chief Information Security Officer (“CISO”) of committing scienter-based securities fraud, among other violations, for...more
On October 30, 2023, the SEC filed charges against SolarWinds Corp. and its chief information security officer (CISO), alleging: ..Failures to disclose known cybersecurity vulnerabilities affecting the company’s “crown...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more