New SEC Guidance on Cybersecurity Disclosures: Risks, Incidents, Materiality, Data Governance Procedures
Recording of a 90-minute premium CLE webinar with Q&A
This CLE course will examine the new SEC guidance regarding disclosures that must be made by public companies relating to cybersecurity risks and incidents. The panel will discuss how best to strike a balance between providing adequate disclosure and protecting company information systems. The panel will also discuss the recent SEC enforcement action against Yahoo/Altaba, and outline corporate data governance protocols to comply with the recent guidance and avoid similar actions.
Outline
- SEC guidance—disclosure obligations
- Material risks associated with cybersecurity and cybersecurity incidents
- Management’s views regarding how cybersecurity incidents will affect the company’s financial condition and results of operations
- Incidents or threats that materially affect a company’s products, services, business relationships
- Material pending legal proceedings related to cybersecurity issues
- Costs related to an investigation, remediation and litigation, losses in revenue, and diminished future cash flows
- Role of the board of directors in overseeing and managing cybersecurity risks
- Avoiding insider trading on cybersecurity information—Regulation FD and selective disclosure
- Implementing data governance policies and procedures for adequate cybersecurity disclosures
Benefits
The panel will review these and other critical issues:
- What types of information does the SEC suggest that a public company should disclose in connection with ongoing cybersecurity risks and specific data breaches?
- What matters are deemed material under the guidance and what if disclosure could compromise the information systems of a company?
- When does insider trading become a concern in the context of a cybersecurity incident?
- What steps should public companies take now about data governance and disclosure?
Faculty
Sten-Erik Hoidal
Shareholder
Fredrikson & Byron
Mr. Hoidal represents clients in complex commercial litigation, with an emphasis on data protection, cybersecurity and... | Read More
Mr. Hoidal represents clients in complex commercial litigation, with an emphasis on data protection, cybersecurity and trade secret theft. As co-chair of the firm’s Data Protection & Cybersecurity group, he assists clients in protecting their sensitive information from internal and external threats. He represents clients in matters involving cybersecurity breaches, misappropriation of confidential and trade secret information, corporate raiding, enforcement of nonsolicitation and noncompete agreements, and violations of the Computer Fraud and Abuse Act.
Close
Timothy Newman
Partner
Haynes and Boone
Mr. Newman is a litigator who represents clients in government enforcement actions, cybersecurity matters, and complex... | Read More
Mr. Newman is a litigator who represents clients in government enforcement actions, cybersecurity matters, and complex litigation.He counsels public and private companies, financial services organizations, and executives under investigation by government agencies including the Securities and Exchange Commission (SEC), the Department of Justice (DOJ), the Financial Industry Regulatory Authority (FINRA) and state regulators. He also helps clients who have suffered major data breaches navigate the investigations, disclosures, and litigation that follow a breach, and he helps clients develop programs and policies that minimize cyber risk.
Close