Insights
Professional
Practice
Industry
Region
Trending Topics
Location
Type
Sort by:
Client Alerts 1 result
Client Alert | 6 min read | 07.28.23
Five Key Takeaways from the SEC’s Final Cybersecurity Rules for Public Companies
On July 26, 2023, the SEC finalized long-awaited disclosure rules (the “Final Rules”) regarding cybersecurity risk management, strategy, governance, and incidents by public companies that are subject to the reporting requirements of the Securities Exchange Act of 1934. While the end results are substantially similar to rules proposed by the SEC in March 2022, there are some key distinctions.
Publications 7 results
Publication | 05.14.24
Government Contracts: How Cybersecurity Threats Increase Civil and Criminal Liability
Privacy and Cybersecurity Outlook: The 2024 LandscapeThe risks faced by companies in light of new federal cybersecurity regulations are particularly acute for government contractors, who must also be aware of compounded exposure from the False Claims Act (FCA). The U.S. government is increasingly scrutinizing corporate cybersecurity programs, and companies are vulnerable to new risks of civil and criminal liability related to data breaches. The specter of individual criminal liability looms large since the 2022 conviction of the chief security officer at a leading rideshare company for actions related to his response to data breaches. And now, the SEC has charged the CISO of SolarWinds in his individual capacity with securities fraud related to the company’s cybersecurity regime. All companies—especially government contractors—should consider mitigating risk by auditing their cybersecurity protocols and updating their incident response plans.
Publication | 05.14.24
SEC Enforcement Risk: Mitigation for Companies and Chief Information Security Officers
Privacy and Cybersecurity Outlook: The 2024 LandscapeWith stronger rules requiring disclosure of cyber risk and cyber breaches, 2023 has seen heightened SEC enforcement of companies’ obligations in cyber breaches and, notably, enforcement charges brought directly against Chief Information Security Officers (CISOs).
Publication | 11.15.23
Navigating SEC Cybersecurity Enforcement In A Post-SolarWinds World
Cybersecurity Law Report