Sep 282023

SEC’s Cybersecurity Disclosure Rules Are Here. Is Your Company Ready to Comply?

Sonia Gupta Barros, Colleen Theresa Brown and Samir A. Gandhi
, , , , , , ,

Companies are facing more attacks on their information systems. And, as their cyber risk skyrockets, the SEC has stepped in with new regulations, telling businesses what to disclose about these incidents — and requiring detailed disclosures on cyber risk management more broadly. With the deadline for compliance fast approaching, businesses are scrambling to mitigate their legal risk and comply with regulations that some say may be an overreach.

In this episode of The Sidley Podcast, host and Sidley partner Sam Gandhi speaks with two of the firm’s thought leaders on these issues — Sonia Barros and Colleen Brown. Sonia is a partner in Sidley’s Capital Markets group and co-leader of the firm’s Public Companies practice. Colleen is a partner in the firm’s practices in Privacy and Cybersecurity, Commercial Litigation and Disputes, Crisis Management and Strategic Response, and Insurance. Together, they discuss the SEC’s newly adopted regulations for disclosing information on cyber risk and how companies and their boards can best comply.

Executive Producer: John Metaxas, WallStreetNorth Communications, Inc.

View the transcript here.

This post is as of the posting date stated above. Sidley Austin LLP assumes no duty to update this post or post about any subsequent developments having a bearing on this post.

Sonia Gupta Barros

Washington, D.C.

sbarros@sidley.com

Colleen Theresa Brown

Washington, D.C.

cbrown@sidley.com

Samir A. Gandhi

New York

sgandhi@sidley.com

You might also like
Top 10 Questions on the EU AI Act

The EU AI Act will be the first standalone piece of legislation worldwide regulating the use and provision of AI in the EU, and will form a key consideration in AI governance programs. The AI Act will have a significant impact on many organizations inside and outside the EU, with failure to comply potentially leading to fines of up to 7% of annual worldwide turnover.

Regulatory Update: National Association of Insurance Commissioners Spring 2024 National Meeting

The National Association of Insurance Commissioners (NAIC) held its Spring 2024 National Meeting (Spring Meeting) March 15 through 18, 2024. This Sidley Update summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Spring Meeting. Highlights include proposed updates to the regulatory review process for affiliated investment management agreements, continued discussion of considerations related to private equity ownership of insurers, and continued development of accounting principles and investment limitations related to certain types of bonds and structured securities.

FinCEN Seeks Input on Banks’ Collecting Partial Social Security Numbers for Customer Identification Programs

On March 28, 2024, the Financial Crimes Enforcement Network (FinCEN), in consultation with the U.S. banking agencies and the National Credit Union Administration, issued a request for information (RFI) regarding the customer identification program (CIP) requirement for depository institutions (referred to herein as banks) to collect tax identification numbers (TINs).Comments are due by May 28, 2024.