What Are Key Action Items Stemming from the New SEC Guidance on Cybersecurity Disclosures?

On February 21, 2018, the Securities and Exchange Commission (“SEC”) issued Statement and Interpretive Guidance on Public Company Cybersecurity Disclosures.  The SEC previously addressed this topic in 2011 Disclosure Guidance: Topic No. 2.  According to SEC Chairman, Jay Clayton, the new interpretive guidance “reinforces and expands” the Division’s 2011 guidance and “addresses the importance of … Continue reading “What Are Key Action Items Stemming from the New SEC Guidance on Cybersecurity Disclosures?”

Five Nutshell Questions about Cybersecurity for the Board of Directors

  On April 29, 2016, the Council of Institutional Investors (CII) published its new Special Report, Prioritizing Cybersecurity: Five Investor Questions for Portfolio Company Boards.  To facilitate effective cybersecurity risk oversight by the board, CII has suggested five questions that a board of directors needs to be able to answer: How are the company’s cyber … Continue reading “Five Nutshell Questions about Cybersecurity for the Board of Directors”

Boards Should Put Time and Resources into Cybersecurity Issues – It Is Good for Business and Works as a Defense Strategy

We have previously blogged about Commissioner Aguilar’s recommendations at a NYSE conference, “Cyber Risks and the Boardroom” on what boards of directors should do to ensure that their companies are appropriately considering and addressing cyber threats. On October 20, 2014, the United States District Court for the District of New Jersey dismissed a derivative lawsuit … Continue reading “Boards Should Put Time and Resources into Cybersecurity Issues – It Is Good for Business and Works as a Defense Strategy”

Cybersecurity as an Investment Risk

PricewaterhouseCoopers LLP (PwC) and Investor Responsibility Research Center Institute (IRRCi) have weighed in on the cybersecurity issue from an investor’s point of view in their paper called What investors need to know about cybersecurity: How to evaluate investment risks. Cybersecurity has been on the public company disclosure radar screen since the SEC’s guidance released in … Continue reading “Cybersecurity as an Investment Risk”

Commissioner Aguilar Shares His Views on Directors’ Oversight of Cyber-Risk Management

On June 10, 2014, Commissioner Luis A. Aguilar spoke at a NYSE conference, “Cyber Risks and the Boardroom,” about what boards of directors should do to ensure that their companies are appropriately considering and addressing cyber threats. Commissioner Aguilar was concerned that “there may be a gap that exists between the magnitude of the exposure … Continue reading “Commissioner Aguilar Shares His Views on Directors’ Oversight of Cyber-Risk Management”

SEC Holds Cybersecurity Roundtable

On March 26, 2014, as we have previously blogged, the SEC hosted a cybersecurity roundtable to address the growing “cyber-threat” faced by public companies and other capital markets participants. The roundtable included four panels that discussed the cybersecurity landscape, public company disclosure, as well as market systems and participants (for an overview of the panels, … Continue reading “SEC Holds Cybersecurity Roundtable”

SEC Announces the Agenda of Its Cybersecurity Roundtable; Target Corporation Files Form 10-K Bleeding out Disclosures about Its Data Breach

We have previously blogged about March 26 SEC cybersecurity roundtable and the SEC paying close attention to cybersecurity issues, especially on the heels of the cybersecurity breaches faced by Target and other retailers.  On March 19, 2014, the SEC issued a notice about the coming cybersecurity roundtable shedding light on the topics that will be … Continue reading “SEC Announces the Agenda of Its Cybersecurity Roundtable; Target Corporation Files Form 10-K Bleeding out Disclosures about Its Data Breach”

SEC Pays Close Attention to Cybersecurity Issues

On February 14, 2014, the SEC announced that it will hold a cybersecurity roundtable on March 26 to discuss the issues and challenges cybersecurity raises for investors and public companies.  The SEC’s roundtable comes on the heels of recent widely publicized security breaches at Target and Neiman Marcus.  As the SEC stated in its press … Continue reading “SEC Pays Close Attention to Cybersecurity Issues”

SEC’s Views on Risk Factor Disclosures

On April 13, 2016, the SEC issued a Concept Release, Business and Financial Disclosure Required by Regulation S-K. In this release, which is part of the SEC’s initiative to review and improve its disclosure requirements, the SEC is seeking comments on whether its “business and financial disclosure requirements continue to elicit important information for investors … Continue reading “SEC’s Views on Risk Factor Disclosures”