SEC Cybersecurity Enforcement Authority After SolarWinds Ruling: Mitigating Exposure to Securities Fraud Liability
Recording of a 90-minute CLE video webinar with Q&A
This CLE webinar will discuss the important cybersecurity and disclosure considerations from the Southern District of New York's closely-watched ruling in SEC v. SolarWinds et al. (SolarWinds) wherein the court dismissed the SEC's novel cybersecurity disclosure and control claims against defendant SolarWinds and its chief information security officer. The panel will explore the implications this case may have on the SEC's approach to using securities laws to pursue cyber incident preparedness and disclosure litigation against public companies and provide key considerations for public companies going forward.
Outline
- Background: SEC v. SolarWinds et al.
- Court's ruling
- Implications of this case on public companies' cyber risk management and disclosure obligations
- Actions public companies should take now in light of this ruling and the SEC's cyber enforcement agenda
- What impact this decision may have on the new cybersecurity incident reporting rules
- Practical takeaways
Benefits
The panel will address these and other key considerations:
- What is the background of the SolarWinds case?
- What are the key holdings in SolarWinds as they relate to cyber incidents and their impact on public companies' cyber risk management and disclosure obligations?
- How will the holding in SolarWinds impact the SEC's cybersecurity enforcement authority?
- What actions should public companies take in light of this decision to minimize exposure to liability under securities laws?
Faculty
Matthew R. Baker
Partner, Chair Privacy & Cybersecurity Group
Baker Botts
Mr. Baker’s cross-disciplinary practice focuses on data privacy, cybersecurity, crisis management, and incident... | Read More
Mr. Baker’s cross-disciplinary practice focuses on data privacy, cybersecurity, crisis management, and incident response for a broad range of industries. He is well-versed in multi-jurisdictional privacy compliance; cyber risk identification, mitigation, and response strategies; complex information governance and data management issues; and cross-border electronic discovery. Mr. Baker routinely counsels clients on considerations arising under a wide range of domestic and international privacy and security laws, standards, and best practices. In addition, he has managed dozens of cyber and privacy incidents for multinational companies through all aspects of investigation, remediation, notification, regulatory engagement, and litigation.
Close
David Fredrickson
Senior Of Counsel
Covington & Burling
Mr. Fredrickson draws on his nearly three decades of experience at the SEC to advise clients on capital markets,... | Read More
Mr. Fredrickson draws on his nearly three decades of experience at the SEC to advise clients on capital markets, securities regulatory compliance, corporate governance, public accounting, and securities enforcement matters. Prior to joining the firm, Mr. Fredrickson held a number of senior roles in the SEC’s Division of Corporation Finance and the Office of the General Counsel. Most recently, he served as Senior Legal Advisor to the Deputy Director of the Division of Corporation Finance, where he advised the Deputy Director for Legal and Regulatory Policy. Mr. Fredrickson advised senior SEC officials on complex legal issues and risk management, including serving as primary legal advisor to rulemaking teams implementing the Sarbanes-Oxley, Dodd-Frank, and JOBS Acts. His experience encompasses a broad spectrum of transactional and securities compliance and interpretative matters, including advising on issues related to digital assets, SPACs, shareholder proposals, proxy solicitations, Regulation FD, and financial reporting. Mr. Fredrickson led the team that developed the legal framework for SEC oversight of the Public Company Accounting Oversight Board. He also regularly assessed legal issues raised by recommendations from the Division of Enforcement.
Close
Jena M. Valdetero
Shareholder, Co-Chair U.S. Data Privacy and Cybersecurity Practice
Greenberg Traurig
Ms. Valdetero serves as Co-Chair of the firm’s U.S. Data Privacy and Cybersecurity Practice where she advises... | Read More
Ms. Valdetero serves as Co-Chair of the firm’s U.S. Data Privacy and Cybersecurity Practice where she advises clients on complex data privacy and security issues. She has led more than 1,000 data breach investigations. A litigator by background, Ms. Valdetero defends companies against privacy and data breach litigation, with an emphasis on class action lawsuits. She has designed and conducted dozens of data breach tabletop exercises to empower clients to respond effectively to a data security incident. Ms. Valdetero also counsels companies on data privacy and security compliance programs and advises on privacy and cyber risks associated with mergers and acquisitions, venture capital, and securities. Jena also advises a diverse array of clients on compliance with existing and emerging privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Gramm Leach Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA). She is a certified privacy professional through the International Association of Privacy Professionals (CIPP/US), for which she is a former KnowledgeNet Co-Chair.
Close