Newly Proposed SEC Cybersecurity Risk Management and Governance Rules and Amendments for Public Companies
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new cybersecurity rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The text of the proposed rules is available here. The SEC proposal would continue to ratchet up … Read More
Governance Challenges 2021–2022: Digital Transformation Oversight
Privacy and cybersecurity concerns are expanding, and with them the proliferation of laws and regulations. Boards play a key role in ensuring that companies are positioned to comply with various jurisdictional requirements, that they understand and mitigate related risks, and that they are well-prepared to play a key role in … Read More
SEC Issues New Guidance on Cybersecurity Disclosure Requirements
On February 21, 2018, the U.S. Securities and Exchange Commission issued interpretive guidance (the Guidance) to assist public companies in drafting their cybersecuritydisclosures in SEC filings. See 83 FR 8166 (Feb. 26, 2018). In his public statement accompanying the issuance of this guidance, SEC Chairman Jay Clayton said he believed … Read More