Author

Sali Wissa

Browsing

In brief On May 21, 2024, Erik Gerding, Director of the US Securities and Exchange Commission (SEC) Division of Corporate Finance, issued a statement1 clarifying the SEC’s expectations for cybersecurity incident disclosures under the new Form 8-K Item 1.05. Gerding’s statement clarified that Item 1.05 disclosures should be reserved for material cybersecurity incidents, and voluntary disclosures of immaterial incidents, or of incidents before a materiality determination has been made, should be provided under a different item of…

In brief On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) approved the final rules for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (“Final Rules”). As previously reported, the SEC first proposed amendments to its rules on disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies on March 9, 2022 (“Proposed Rules”). Similar to the Proposed Rules, the Final Rules, broadly speaking, require (i) issuers to make disclosures…