The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
In this settled action—part of a slew of SEC Enforcement cases reported out in the last days before the change in Administration—the SEC alleged that Celsius Holdings, Inc. engaged in improper accounting for stock-based...more
The most frequently asked question at all-hands meetings for a securities offering is “What financial statements will be needed?” The question seems simple enough. But the answer is rarely straightforward. This User’s...more
Drawing on insights from our interactions with audit committees and business leaders, the KPMG Board Leadership Center highlights nine issues for the audit committee to consider for the year ahead....more
As we bid farewell to 2024, we welcome not only another year but also several new disclosure requirements. In this Snapshot, we summarize several developments and best practices for public companies to consider as the 2024...more
In late June, the staff of the U.S. Securities and Exchange Commission’s Division of Corporation Finance released five new compliance and disclosure interpretations regarding the disclosure of material cybersecurity incidents...more
Latham & Watkins has created the Form 8-K Desktop Reference Guide for 2025....more
SEC Penalizes Director for Misleading D&O Questionnaire Response - The SEC recently brought an enforcement action against a director for causing violations of the proxy rules by failing to disclose a close personal...more
The Securities and Exchange Commission (the “SEC”) has issued five compliance and disclosure interpretations related to the disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K....more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
The SEC’s Director of Corporation Finance, Erik Gerding, recently issued two statements regarding a public company’s disclosure obligations in response to a cybersecurity incident. These remarks follow the adoption of the...more
The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more
On June 24, 2024, the SEC released five new CDIs on Material Cybersecurity Incidents. Please see a high-level summary below...more
The SEC’s Division of Corporation Finance yesterday published five new Compliance and Disclosure Interpretations, or “C&DIs,” all concerning Item 1.05 of Exchange Act Form 8-K, Disclosure of Cybersecurity Incidents....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This...more
On May 21, 2024, Erik Gerding, director of the Division of Corporation Finance of the U.S. Securities and Exchange Commission (SEC), issued a statement with clarifying guidance on cybersecurity incident disclosure under Item...more
On May 21, 2024, the Director of the SEC’s Division of Corporation Finance issued a statement providing guidance on the use of Item 1.05 of Form 8-K to disclose cybersecurity incidents....more
The Security and Exchange Commission (SEC) Director of the Division of Corporate Finance, Erik Gerding, released a statement on May 21, 2024 that may have regulated entities scratching their heads about compliance and the...more
On May 21, 2024, Erik Gerding, the Director of the Division of Corporation Finance at the U.S. Securities and Exchange Commission (SEC), released a statement (statement) on the disclosure of cybersecurity incidents. This...more
In a statement yesterday, the Director of the SEC’s Division of Corporation Finance commented on the relatively new Form 8-K Item 1.05 requirement. Last summer when the SEC adopted the final rules relating to cybersecurity...more
Erik Gerding, Director, Division of Corporation Finance, released a statement on the preferred methods to disclose certain cybersecurity incidents. Mr. Gerding noted “The cybersecurity rules that the Commission adopted on...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more
On July 26 2023, the Securities and Exchange Commission (SEC) adopted final rules intended to enhance and standardize disclosures of cybersecurity risk management, strategy, governance, and incident reporting by public...more