United States:
SEC Adopts Cybersecurity Rules And Reporting Requirements For Public Companies
18 August 2023
Milbank LLP
To print this article, all you need is to be registered or login on Mondaq.com.
On July 26, 2023, the SEC adopted rules requiring public
companies and foreign private issuers (i) to timely disclose
material cybersecurity incidents and (ii) to disclose on an annual
basis the registrant's cybersecurity risk management, strategy
and governance. The SEC issued its rule proposal in March 2022,
which was the subject of significant public commentary. As a
result, the SEC made certain changes to the required disclosures,
streamlining them to decrease the amount of detail needed. Yet, the
final rule still dramatically alters the disclosure landscape for
domestic and foreign registrants. Set forth below is a summary of
the key provisions of the final rule.
Click here to read the full insight: "SEC
Adopts Cybersecurity Rules and Reporting Requirements for Public
Companies."
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Corporate/Commercial Law from United States
Corporate Transparency Act Update
Shulman Rogers
With the arrival of spring and the first set of Corporate Transparency Act (CTA) filing deadlines behind us, it is a good time for an update on lessons learned from the initial filings.
Compliance Isn't The Only 'AI Washing' Risk
Bracewell
Companies are rapidly adopting artificial intelligence technologies, and both regulators and private plaintiffs have set their sights on "AI washing," where businesses tout AI capabilities that do not exist.