On March 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed amendments to its rules to require additional disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. These new proposed rules expand on over a decade of focus by the SEC on cybersecurity and the need for adequate risk management.
In 2011, the SEC issued the Division of Corporation Finance’s CF Disclosure Guidance: Topic No. 2 Cybersecurity, which provides guidance to public companies regarding what disclosures should be provided about cybersecurity matters. In response to the increasing significance of cybersecurity incidents, the SEC updated the 2011 Guidance during 2018 with the Commission Statement and Guidance on Public Company Cybersecurity Disclosures. The 2018 Statement reinforced and expanded upon the 2011 Guidance and addressed new topics, specifically the requirement to establish and maintain appropriate disclosure controls and procedures related to cybersecurity. Then, during 2021, the SEC issued two Consent Orders settling charges against two companies for violations of disclosure controls and procedures and misleading investors about cyber intrusions.
But cybersecurity is not only a concern of public companies. In 2022, small and middle-sized companies are increasingly targets of cyber-attacks due to their perceived lack of resources and security expertise. In recognition of this fact, during National Small Business Week (May 1-7, 2022), the U.S. Cybersecurity & Infrastructure Security Agency – the U.S. government agency dedicated to the coordination and execution of national cyber defense – is encouraging small and middle-sized businesses to strengthen their cyber defenses and providing resources for doing so.
As part of this increased focus, in subsequent posts and alerts, our team will continue providing an overview of what public companies are required to consider and execute under the SEC’s Cybersecurity Guidance and Rules, and also provide risk management best practices to implement based on the size and risk profile of both public and non-public businesses.
- Partner
Heather Hatfield represents clients in corporate investigations, white-collar crime investigations and defense involving the Foreign Corrupt Practices Act (FCPA), complex contract disputes, oil and gas litigation ...
- Partner
Blake Runions assists clients with broad range of business disputes and investigatory matters, including partnership disputes, internal investigations, and commercial litigation.
Prior to joining the Firm, Blake worked in the ...
- Associate
Jamie Godsey represents public and private corporations, partnerships, and small companies on a broad range of complex business and commercial litigation. Her experience includes a wide variety of matters such as contractual ...
Recent Posts
- Best Practices to Ensure Compliance with Upcoming Data Protection Regulations
- Government Signals Focus on AI Enforcement and Data Protection
- CSF 2.0 – An Expanded Cybersecurity Framework for all Organizations
- Anti-Corruption Enforcement: 2023 Year-In-Review
- ComEd Settlement Proves the Foreign Corrupt Practices Act Is Not Limited to Foreign Corruption
- Compliance Challenges Arising from the Use of ChatGPT and Artificial Intelligence
- Human Resources Compliance Audits (Part 2)
- Human Resources Compliance Audits (Part 1)
- U.S. Attorneys’ Offices Implement New Voluntary Self-Disclosure Policy
- Anti-Corruption Enforcement: 2022 Year-In-Review
TopicsSelect Category
ArchivesSelect Month
- June 2024
- April 2024
- March 2024
- February 2024
- October 2023
- September 2023
- August 2023
- June 2023
- March 2023
- February 2023
- November 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019