In light of the continuing drumbeat of high profile data breaches and the recent guidance from the Securities and Exchange Commission (the “SEC”) to public companies in response (SEC Release Nos. 33-10459; 34-82746, February 21, 2018 (“SEC Cybersecurity Guidance”)), many public companies will find it timely to review the operation of their insider trading compliance programs (see our March 2018 Client Alert for more information). The SEC Cybersecurity Guidance serves as a call to action for various stakeholders in public companies – for boards, to evaluate their oversight of cybersecurity risks, and for management, to evaluate the approach to disclosure of cybersecurity risks and incidents, disclosure controls and procedures, and insider trading compliance programs. Just last month, the SEC brought a first-of-its kind enforcement action alleging that a company failed to disclose a cybersecurity breach quickly enough. It is clear the SEC will be monitoring cybersecurity disclosure issues closely in the coming quarters.
To read more, download the related document.