Cybersecurity

Subscribe to Cybersecurity via RSS

Background

In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring public companies to report material cybersecurity incidents under new Item 1.05 of Form 8-K beginning on December 18, 2023. Our intent with this snapshot is to review the first year of cybersecurity disclosures on Form 8-K.Continue Reading Snapshot: The First Year of Cybersecurity Incident Filings on Form 8-K Since Adoption of New Rules

Wilson Sonsini is pleased to offer MCLE Days, a newly expanded programming to meet your MCLE requirements. The first of our three MCLE Days will be held Thursday, December 12, 2024, at the Sheraton Palo Alto in Palo Alto, California (details below), and will also be available virtually. Register

Continue Reading Event Alert: Wilson Sonsini’s MCLE Days, December 12, January 17 and 23

As part of its continuing efforts to clarify the application of the SEC’s rules regarding the disclosure of material cybersecurity incidents,[1] on June 24, 2024, the Division of Corporation (Corp Fin) issued five new Compliance and Disclosure Interpretations (CDIs). All five of the CDIs focus on the materiality determination required under Item 1.05 of Form 8-K and are summarized below. The full text of the CDIs is set forth at the end of this post.Continue Reading Corp Fin Issues CDIs on Cybersecurity Incident Reporting

As questions and commentary continue to arise with respect to the SEC’s rules on disclosure of material cybersecurity incidents, the SEC staff has sought to provide additional guidance on the application of the final cybersecurity disclosure rules.[1] On June 20, 2024, Erik Gerding, the Director of the SEC’s Division

Continue Reading Corp Fin Issues Additional Guidance Relating to Cybersecurity Incident Disclosure

On May 21, 2024, Erik Gerding, the Director of the Division of Corporation Finance at the U.S. Securities and Exchange Commission (SEC), released a statement (statement) on the disclosure of cybersecurity incidents. This statement relates to disclosures made under new Item 1.05 of Form 8-K, which was adopted by the SEC in July 2023,[1] and requires companies to disclose information relating to material cybersecurity incidents within four business days of determining that the incident is material. For more information on the cybersecurity rules, please see our previous Client Alert.Continue Reading Corp Fin Issues Guidance on Disclosure of Cybersecurity Incidents

As a follow up to yesterday’s post, our recent Client Alert discusses new guidance from the FBI, DOJ, and SEC on requesting a delay to Form 8-K disclosures for material cybersecurity incidents that pose a substantial risk to national security or public safety.  Our client alert discusses the process the FBI has established to request the delay, the approach the DOJ will take when evaluating whether to authorize the delay, and new Compliance and Disclosure Interpretations (CDIs) issued by the SEC’s Division of Corporation Finance regarding this national security and public safety exception.

Continue Reading New Guidance on Delayed Disclosure of Material Cybersecurity Incidents

In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring that public companies report material cybersecurity incidents under new Item 1.05 of Form 8-K, and disclose information regarding their cybersecurity risk management, strategy, and governance in annual reports on Form 10-K. Foreign private issuers are subject to similar disclosure requirements in Forms 6-K and 20-F. Although the final rules were effective this past September, the SEC provided for transition periods for compliance with the new disclosure requirements, which transition periods will end soon.

Continue Reading Reminder: Material Cybersecurity Incident Reporting Required December 18, 2023

Join Wilson Sonsini for its 2023 Public Company General Counsel Webinar Series. Throughout November, Wilson Sonsini will host three virtual sessions on new SEC governance and disclosure requirements, including clawback policies, cybersecurity governance and disclosure, and share repurchase disclosure. To attend any of the three sessions, please register here.

Continue Reading Webinar Series Alert | Navigating New SEC Rules: November 1, 15, 29

Partner Tamara Brightwell recently joined the Diligent Institute to discuss the 2023 proxy season and recent regulatory developments at the SEC. She discussed a broad range of topics, including takeaways from this past proxy season, the SEC’s new cybersecurity disclosure rules, and considerations for public company boards in light of

Continue Reading Inside Today’s Boardrooms | 2023 Proxy Season and Regulatory Recap