SEC Suits Over Cyber Reporting Could Be On Horizon

Law360, Washington (April 20, 2017, 1:25 PM EDT) -- The U.S. Securities and Exchange Commission has yet to lodge a formal enforcement action against a public company for failing to report cyber incidents and risks, but that could change soon, the agency’s acting enforcement chief warned Thursday, adding that she could “absolutely” envision circumstances where one would be necessary.

Acting Enforcement Director Stephanie Avakian made clear to an audience of corporate attorneys Thursday that they shouldn’t mistake the absence of such SEC actions for the agency’s unwillingness to go after companies with inadequate cybersecurity disclosures before and after breaches or other incidents. 

“We’ve not brought an action in that space....

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.


  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!

TRY LAW360 FREE FOR SEVEN DAYS