In response to security breaches at companies including Equifax, Target and Yahoo over the past few years, the SEC issued interpretive guidance on issuers' cybersecurity disclosures in February 2018. The SEC's guidance sets the expectation that boards should actively engage in cybersecurity issues, stating that companies are expected “to disclose cybersecurity risks and incidents that are material to investors.” The SEC has not, however, instituted any direct measure to compel companies to reveal the nature and the scope of such cybersecurity breach if one takes place. A major difficulty in cybersecurity disclosures lies in setting the standard for when information must be disclosed. For more information, see https://www.sec.gov/rules/interp/2018/33-10459.pdf.
InsightView all Firm insight
03 December 2019 - Article
UK general election 2019: What are the three main parties proposing on employment and employment rights?
29 November 2019 - Video