The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more