The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
As we head into year-end, annual reporting season for FPIs is just around the corner. FPIs are required to file an annual report on Form 20-F with the SEC within four months after the end of their fiscal year (or until April...more
In less than three months, public companies and certain foreign private companies will have to take additional steps after cybersecurity breaches: deciding whether an incident meets the materiality threshold that requires...more
On July 26, 2023, the Securities and Exchange Commission adopted new rules imposing disclosure requirements regarding cybersecurity risk management, strategy, governance and incidents. The new rules, which became effective...more
The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more
On July 26, 2023, the Securities Exchange Commission (SEC) adopted a final rule intended to augment and standardize disclosures regarding cybersecurity risk management, governance, and incident reporting. The new rule imposes...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules (the “Rules”) that will require public companies and foreign private issuers to disclose material cybersecurity incidents within four...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
On July 26, 2023, the U.S. Securities Exchange Commission (“SEC”) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more
As a significant step in its ongoing initiatives on the disclosure, management, and oversight of cybersecurity risks and incidents, on July 26, 2023, the US Securities and Exchange Commission (SEC or Commission) adopted rules...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
On March 9, 2022, the SEC released proposed rules intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and cyber incident reporting by companies that are subject to the...more
This memorandum outlines considerations for foreign private issuers ("FPIs") in preparation for the 2019 annual reporting season. Part I (pg. 2) provides a summary of certain key trends and insights from the 2018 US proxy...more