AI Washing: Simple Guidance to Avoid Risk
Tech Debt is Common. What does it mean for IPO readiness from a cybersecurity perspective?
Episode 332 -- Deep Dive into SEC’s Internal Controls and Cybersecurity Settlement with R&R Donnelly
Mitigating Political-Law Risk
The Preferred Return Podcast | AIFMD II – Implementation Begins
Why ESG Matters?
Meeting the Proposed SEC Climate Disclosure Requirements
California Regulation of Charitable Fundraising Platforms Part 2 - Reporting Due Diligence, Recordkeeping, and Disclosure Rules
ESG Masterclass — ESG and Impact Investing
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
JONES DAY TALKS®: Court Grants Stay on SEC’s Climate Disclosure Rule, but Companies Should Continue Preparations
ESG Masterclass — ESG and Politics
Ad Law Tool Kit Show – Episode 5 – Surviving an FTC Investigation
SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast
PLI's inSecurities Podcast - Commissioner Uyeda on “the Perils of Regulation by Theory and Hypothesis”
PLI's inSecurities Podcast - Addressing the “Netflix Problem” in Securities Regulation
What Nonprofit Leaders Need To Know About the Corporate Transparency Act
December 1st Deadline to Adopt Executive Compensation Clawback Policies — The Consumer Finance Podcast
How to Fix the Cyber Incident Reporting Mess--DHS Weighs In
ESG Essentials: What You Need To Know Now - Episode 16 - ESG Backlash
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more
On Tuesday, the SEC announced settled charges against four companies for “making materially misleading disclosures regarding cybersecurity risks and intrusions. The charges against the companies, Unisys Corp., Avaya Holdings...more
In this June Order, SEC Enforcement brought settled charges against R.R. Donnelley & Sons, a “global provider of business communications services and marketing solutions,” for control failures: more specifically, a failure to...more
Recent Securities and Exchange Commission (SEC) enforcement action and statements by SEC officials show that the Commission remains focused on disclosures regarding cybersecurity incidents. On May 21, 2024, Erik Gerding,...more
Public companies are now required to comply with new cybersecurity disclosure requirements in their Annual Reports on Form 10-K for fiscal years ending on or after December 15, 2023. In preparing this cybersecurity...more
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
The U.S. Securities Exchange Commission (SEC) recently adopted a final rule regarding cybersecurity risk management, governance, and incident reporting. The final rule went into effect on September 5, 2023, and disclosure...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
Are you prepared for the new SEC Rule on Cybersecurity Incident and Risk Management Disclosures? Don't let your business get caught off guard! This webinar will cover important points about the rule and how to effectively...more
Corporate legal departments are scrambling to stay ahead of the latest developments around cyber incident disclosure rules and regulations. In hopes of reducing panic and distress, a pair of legal experts are issuing a...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
As annual reporting season begins, it is important to take a fresh look at the company’s governance and incident response processes and develop risk-informed and compliant disclosures. While many companies are understandably...more
On December 14, 2023, Erik Gerding, Director, Division of Corporation Finance at the Securities and Exchange Commission (“SEC”) gave a speech on the SEC’s final rules (the “Final Rule(s)”) regarding cybersecurity risk...more
On December 18, 2023, prior to the trading session, VF Corp. (NYSE:VFC) issued a press release disclosing that the company was investigating unauthorized activity on its computer systems – and that the intrusion had encrypted...more
Key Point: The FCC revised its breach notification rules for telecommunication providers to broaden the instances when notifications are required, but even with limited exceptions to the new requirements, the final rule...more
On 18 December 2023, the new rules of the US Securities and Exchange Commission (SEC) regarding disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K went into effect, requiring companies to report a...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
Under the Securities and Exchange Commission’s (SEC) new Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rule (cybersecurity rule), public companies subject to the cybersecurity rule must promptly...more
Our Securities and Privacy, Cyber & Data Strategy teams unpack the Department of Justice’s (DOJ) process for companies seeking to delay Form 8-K disclosures under the Securities and Exchange Commission’s (SEC) cybersecurity...more
The Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies (the “Cybersecurity Rules”), which the Securities and Exchange Commission (SEC) had adopted earlier this year,...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
Securities and Exchange Commission (SEC) rules regarding cyber incident reporting and cybersecurity risk management, strategy, and governance, officially went into effect this week for most public companies....more
The new SEC cybersecurity rules (Release No. 33-11216), codify and build on earlier SEC guidance on cybersecurity risks and incidents and require specific cybersecurity-related disclosures....more
This week the SEC’s Division of Corporation Finance released compliance and disclosure interpretations (C&DIs) pertaining to the latest cybersecurity disclosure requirements. The C&DIs provide guidance on when public...more
As a follow up to yesterday’s post, our recent Client Alert discusses new guidance from the FBI, DOJ, and SEC on requesting a delay to Form 8-K disclosures for material cybersecurity incidents that pose a substantial risk to...more