SEC Adopts Final Rules on Public Company Cybersecurity Disclosures of Incidents and Processes | Perspectives & Events

Home
Perspectives & Events
SEC Adopts Final Rules on Public Company Cybersecurity Disclosures of Incidents and Processes

Authors

Lawrence A. Cunningham
Edward S. Best
Rajesh De
Marc X.W. Leong
Stephen Lilley
Anna T. Pinedo
Laura D. Richman
Justin Herring
Dominique Shelton Leipzig

On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC”) issued a release, adopting final rules (the “Final Rules”) aimed at standardizing and enhancing disclosure relating to cybersecurity incidents and risk management processes. The SEC had proposed rules (the “Proposed Rules”) on March 9, 2022. The Final Rules reflect the considerable comments received on the Proposed Rules, resulting in far narrower and streamlined requirements, though still imposing significant new requirements on registrants.

Downloads –

Download Document

Related Capabilities

Practices –

Cybersecurity & Data Privacy
Capital Markets
Public Companies & Corporate Governance

Latest Perspectives

November 27

2023

Workplace Monitoring | How to Navigate the New ICO Guidance
November 16

2023

CISA and HHS Provide Cyber Toolkit for Healthcare Organizations
November 09

2023

Key Takeaways from the Global AI Safety Summit