Proposed Rules From the SEC Intended to Enhance Public Company Disclosures About Cybersecurity Risks

Proposed Rules From the SEC Intended to Enhance Public Company Disclosures About Cybersecurity Risks

Blog WilmerHale Privacy and Cybersecurity Law
On March 9, 2022, the Securities and Exchange Commission proposed rules that are intended to enhance disclosures about cybersecurity risk management, strategy, governance, and incident reporting by public companies.  If adopted as proposed, the rules will dramatically impact the way public companies, boards, and management disclose cyber incidents and matters relating to their cybersecurity oversight (including board and management expertise).  The proposed rules represent a significant expansion of current SEC guidance, which dates back to 2011 and 2018, and if adopted as released, will likely lead to operational and governance changes for many businesses.  For more detailed information about the proposed rules, see this post on our Focus on Audit Committees, Accounting and the Law blog.

Authors

More from this series

Notice

Unless you are an existing client, before communicating with WilmerHale by e-mail (or otherwise), please read the Disclaimer referenced by this link.(The Disclaimer is also accessible from the opening of this website). As noted therein, until you have received from us a written statement that we represent you in a particular manner (an "engagement letter") you should not send to us any confidential information about any such matter. After we have undertaken representation of you concerning a matter, you will be our client, and we may thereafter exchange confidential information freely.

Thank you for your interest in WilmerHale.