Cybersecurity Disclosure

On May 21, 2024, Erik Gerding, the Director of the Division of Corporation Finance at the U.S. Securities and Exchange Commission (SEC), released a statement (statement) on the disclosure of cybersecurity incidents. This statement relates to disclosures made under new Item 1.05 of Form 8-K, which was adopted by the SEC in July 2023,[1] and requires companies to disclose information relating to material cybersecurity incidents within four business days of determining that the incident is material. For more information on the cybersecurity rules, please see our previous Client Alert.Continue Reading Corp Fin Issues Guidance on Disclosure of Cybersecurity Incidents

Last summer, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring annual disclosure by public companies regarding cybersecurity risk management, strategy, and governance, and current disclosure about material cybersecurity incidents. Companies must comply with the annual disclosure requirements beginning with annual reports for fiscal years ending on or after December 15, 2023. Therefore, calendar year-end companies are subject to and have begun filing the new disclosures.Continue Reading Snapshot: Form 10-K Cybersecurity Disclosures