US Corporate Law News: SEC cybersecurity guidance slow in spurring disclosure

18 March 2018 | Applicable law: US

In response to security breaches at companies including Equifax, Target and Yahoo over the past few years, the SEC issued interpretive guidance on issuers' cybersecurity disclosures in February 2018. 

The SEC's guidance sets the expectation that boards should actively engage in cybersecurity issues, stating that companies are expected "to disclose cybersecurity risks and incidents that are material to investors." The SEC has not, however, instituted any direct measure to compel companies to reveal the nature and the scope of such cybersecurity breach if one takes place. A major difficulty in cybersecurity disclosures lies in setting the standard for when information must be disclosed.

For more information, see here.

This document (and any information accessed through links in this document) is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.


Related experience

As a full-service law firm, we are able to provide advice and information about a wide range of other issues. Here are some related areas.

Join the club

We have lots more news and information that you'll find informative and useful. Let us know what you're interested in and we'll keep you up to date on the issues that matter to you.