Disclosing Cyberattacks: How To Follow SEC Guidance

Law360, New York (November 1, 2011, 12:32 PM EDT) -- On Oct. 13, 2011, the U.S. Securities and Exchange Commission released its first ever staff guidance pertaining exclusively to the cybersecurity-related disclosure obligations of public companies. The guidance serves as a wake-up call for many of today’s public companies.

This new and unique SEC guidance covers a public company’s reporting responsibilities both just after a cyberattack as a “material” event, and even before as a “risk factor.” From the SEC’s perspective, the requirements outlined in the guidance introduce nothing new but, instead, merely clarify the SEC’s...
To view the full article, register now.