SEC Updates Public Company Disclosures Guidance for Cybersecurity Risks and Incidents


The interpretive release outlines the SEC’s views with respect to cybersecurity disclosure requirements under the federal securities laws as they apply to public operating companies. The revised guidance now includes two topics not developed in the staff’s 2011 guidance, the importance of cybersecurity policies and procedures and the application of insider trading prohibitions in the cybersecurity context. In meeting their disclosure obligations, companies may need to disclose previous or ongoing cybersecurity incidents or other past events in order to place discussions of cyber risks in the appropriate context.

Recent Posts
Contact Us

Please send us a short message and we'll get back to you soon. Thank you.