Takeaways From the SEC’s Enhanced Cybersecurity Disclosure Regime for Public Companies

A divided SEC has proposed rules to enhance and standardize disclosures by public companies of cybersecurity incidents as well as their risk management, strategy and governance surrounding cybersecurity. The March 9, 2022, proposal marks the SEC’s first attempt to implement cybersecurity-specific disclosure rules. In this guest article, King & Spalding attorneys William Johnson, Matthew Hanson, Joseph Zales and Charles Cain analyze the proposed rules and their implications. See King & Spalding’s two-part series on how SEC’s cybersecurity disclosure enforcement is heating up: “Recent Developments” (Sep. 22, 2021); “Best Practices” (Sep. 29, 2021).

To read the full article

Continue reading your article with a CSLR subscription.