News & Analysis as of

Securities and Exchange Commission (SEC) Cybersecurity Disclosure Requirements

Holland & Knight LLP

Undeterred by the SolarWinds Storm: SEC Charges Victims of Compromised Software

Holland & Knight LLP on

The SEC on Oct. 22, 2024, announced charges against four companies for allegedly making materially misleading disclosures concerning the impact of cybersecurity incidents associated with the compromised SolarWinds' Orion...more

Fenwick & West LLP

The SEC is Cracking Down on Misleading Cybersecurity Disclosure

Fenwick & West LLP on

On October 22, 2024, the SEC charged two current reporting companies, Unisys Corp. and Check Point Software Technologies, and two former public companies, Mimecast Limited and Avaya Holdings Corp., with making materially...more

McGuireWoods LLP

SEC Settles Charges for Alleged Misleading Disclosures, Shedding Light on Materiality in Cyber Context

McGuireWoods LLP on

On Oct. 22, 2024, the Securities and Exchange Commission (SEC) announced settled charges against four current and former public companies, Unisys, Avaya Holdings, Check Point Software Technologies and Mimecast, for allegedly...more

Orrick, Herrington & Sutcliffe LLP

Tech Debt is Common. What does it mean for IPO readiness from a cybersecurity perspective?

Most high-growth companies have technical debt: work owed to IT or software development due to shortcuts that advance the business. That’s natural. But what if the debt carries security risks? Orrick capital markets partner...more

A&O Shearman

Undeterred By Recent Court Loss, SEC Charges Four Companies With Inadequate Cyber Disclosures In The Aftermath Of SolarWinds...

A&O Shearman on

On October 22, 2024, the SEC announced that it had entered into settlements with four separate companies for making allegedly misleading disclosures about how they were impacted by the SolarWinds data breach in 2019. The...more

Kramer Levin Naftalis & Frankel LLP

SEC Announces Penalties Against Four Companies for Downplaying Severity of SolarWinds Cybersecurity Breach in Disclosures

On Oct. 22, 2024, the Securities and Exchange Commission announced that it charged four technology companies with making materially misleading disclosures about the effect the SolarWinds cyberattack had on these issuers. To...more

Robinson+Cole Data Privacy + Security Insider

Four Companies Settle Allegations of Deceptive Cyber Disclosures with SEC

This week, the Securities and Exchange Commission (SEC) charged four public companies for alleged deceptive cyber disclosures: Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd., and Mimecast Limited....more

Keating Muething & Klekamp PLL

SEC Fines Four Companies $7M for Violating Cyber Disclosure Rules

On October 22, 2024, the Securities and Exchange Commission charged four companies with making materially misleading disclosures about their cybersecurity risks. Each of the companies—Unisys Corp., Avaya Holdings Corp., Check...more

Cooley LLP

SEC Enforcement mini-sweep charges hypothetical risk factors and other misleading cyber disclosures

Cooley LLP on

On Tuesday, the SEC announced settled charges against four companies for “making materially misleading disclosures regarding cybersecurity risks and intrusions. The charges against the companies, Unisys Corp., Avaya Holdings...more

Troutman Pepper

Cyber Incident Response Checklist for SEC Compliance

Troutman Pepper on

By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more

BCLP

Time to Get Ready for the 2025 Reporting Season

BCLP on

As companies prepare for the upcoming proxy and annual report season, the following lists some of the key items to consider...more

Morrison & Foerster LLP

When Your Life Sciences Are on the Line: Cybersecurity

Morrison & Foerster LLP on

Morrison Foerster Investigations + White Collar Defense partner Nate Mendell, former Acting U.S. Attorney for the District of Massachusetts, hosted the fifth episode of When Your Life Sciences Are on the Line, where leading...more

KPMG Board Leadership Center (BLC)

Directors Quarterly: October 2024

This edition includes a financial reporting and auditing update for audit committees, highlights from the KPMG 2024 US CEO Outlook, view on the post-election geoeconomic forecast, CEO succession planning, and the latest in...more

Carlton Fields

Going Up: SEC Cyber Incident Reporting - Regulation S-P Amendments Take It to Next Level

Carlton Fields on

On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more

Perkins Coie

2024 Ray Garrett Jr. Corporate & Securities Law Institute: SEC Officials Comment on Disclosures and Enforcement Priorities

Perkins Coie on

U.S. Securities and Exchange Commission (SEC) officials, private practitioners, in-house counsel, and others in the corporate and securities industry gathered in Chicago on September 26 and 27, 2024, for the Annual Ray...more

Fenwick & West LLP

Considerations for Upcoming 10-Q Disclosures

Fenwick & West LLP on

With the end of the third quarter quickly approaching, companies may want to consider the following for their upcoming Quarterly Reports on Form 10-Q...more

Troutman Pepper

SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments - Dear Mary – Incidents + Investigations...

Troutman Pepper on

I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more

Akin Gump Strauss Hauer & Feld LLP

Cybersecurity After SolarWinds: Practical Guidance for CISOs Under the New Rules

Judge Engelmayer’s 107-page dismissal of most of the U.S. Securities and Exchange Commission (SEC)’s claims against SolarWinds provides valuable guidance, and some comfort, for public companies and Chief Information Security...more

Husch Blackwell LLP

Court Limits an Early SEC Effort at Cybersecurity Enforcement

Husch Blackwell LLP on

On July 18, 2024, Judge Paul A. Engelmeyer of the U.S. District Court for the Southern District of New York issued a 107-page opinion dismissing most of the Securities and Exchange Commission’s (SEC) case against SolarWinds...more

Latham & Watkins LLP

SEC Imposes New Cybersecurity Requirements on Broker-Dealers, Investment Companies, Registered Investment Advisers, and Transfer...

Latham & Watkins LLP on

Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more

Steptoe & Johnson PLLC

New York Federal Court Refuses to Extend Accounting Controls Requirements to Cybersecurity Controls

Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more

Skadden, Arps, Slate, Meagher & Flom LLP

Takeaways From the Dismissal of SEC Claims Against SolarWinds and Its CISO

The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more

Woodruff Sawyer

Violent Delights, Violent Ends? Two Possible Futures of SEC Cyber Regulation

Woodruff Sawyer on

What do the SolarWinds ruling and other recent developments mean for the future of the SEC’s cyber regulatory program? Will the SEC’s “lack of moderation” result in “violent ends” for its cyber agenda? Or will the current...more

A&O Shearman

Judge dismisses most of SEC’s suit against SolarWinds over cybersecurity disclosures

A&O Shearman on

On July 18, 2024, U.S. District Judge Paul Engelmayer of the U.S. District Court for the Southern District of New York issued a comprehensive 107-page opinion that may have significant implications for the Securities and...more

Jones Day

SEC v. SolarWinds: Court Rejects SEC Authority Over Cybersecurity Controls and Most Alleged Disclosure Violations

Jones Day on

The U.S. District Court for the Southern District of New York dismissed the majority of claims that the Security and Exchange Commission ("SEC") asserted against SolarWinds, including claims that the company's alleged...more

673 Results
 / 
View per page
Page: of 27

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide