The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
In less than three months, public companies and certain foreign private companies will have to take additional steps after cybersecurity breaches: deciding whether an incident meets the materiality threshold that requires...more
On July 26, 2023, the Securities and Exchange Commission adopted new rules imposing disclosure requirements regarding cybersecurity risk management, strategy, governance and incidents. The new rules, which became effective...more
The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more
On July 26, 2023, the Securities Exchange Commission (SEC) adopted a final rule intended to augment and standardize disclosures regarding cybersecurity risk management, governance, and incident reporting. The new rule imposes...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules (the “Rules”) that will require public companies and foreign private issuers to disclose material cybersecurity incidents within four...more
The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: ..current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and ...more
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more
On July 26, the Securities and Exchange Commission (SEC) adopted, by a 3-2 margin, a final rule to require more immediate disclosure of material cybersecurity incidents by public companies. In addition, the final rule...more
As a significant step in its ongoing initiatives on the disclosure, management, and oversight of cybersecurity risks and incidents, on July 26, 2023, the US Securities and Exchange Commission (SEC or Commission) adopted rules...more
This memorandum outlines key considerations from White & Case's Public Company Advisory Group for foreign private issuers ("FPIs") during the 2023 annual reporting season....more
Background - On March 9, 2022, the U.S. Securities and Exchange Commission (the “SEC”) released proposed amendments (the “Proposed Amendments”) aimed at enhancing and standardizing disclosure relating to cybersecurity...more
As part of the SEC's broader rulemaking initiative, on March 9, 2022, the SEC proposed amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by...more
On March 9, 2022, the SEC released proposed rules intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and cyber incident reporting by companies that are subject to the...more
This memorandum outlines key considerations from White & Case’s Public Company Advisory Practice for foreign private issuers (“FPIs”) in preparation for the 2020 annual reporting season. It describes our key considerations...more
There have been significant recent developments in U.S. Securities and Exchange Commission (SEC) regulation of foreign private issuers, (FPIs) including changes that impact the annual report on Form 20-F for fiscal year 2019....more