Reprinted with the permission of The Legal Intelligencer.

Cybersecurity: the risks are no longer "some other" company's problem. All companies, and in particular public companies, must take care in assessing and reporting on cybersecurity risks. Just last week, the U.S. Securities and Exchange Commission (SEC) hosted a roundtable on the topic. SEC Chair Mary Jo White stated, in her opening remarks for the roundtable, that the threats from cybersecurity come from many directions with the ability to attack the financial markets and economy, as demonstrated by the recent private data breaches of U.S. consumers occurring at a retail chain this past holiday season. White emphasized that the SEC's formal jurisdiction over cybersecurity is focused on disclosure by reporting companies of material information, as well as on the integrity of market systems and the protection of customer data. Reports of cyberincidents, in the form of deliberate attacks or unintentional events, have become a recurring feature in headlines over the past several years. Companies that are subject to U.S. securities laws face a host of emerging compliance challenges as a result of the increasing prevalence and frequency of cyber-risks. This article discusses some of the more prominent compliance issues relating to cyber-risks and incidents and required disclosures. ... 

 more >









































Related Practices

Business and Finance
Privacy and Data Security