On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC” or “Commission”) adopted rules to enhance and standardize disclosure requirements related to cybersecurity incident reporting and cybersecurity risk management, strategy, and governance.Continue Reading New SEC Disclosure Rules for Cybersecurity Incidents and Governance and Key Takeaways
Lillian Tsu
Contact:Read more about Lillian Tsu
The SEC’s Climate Proposal – Top Points for Comment
By Nick Grabar, Lillian Tsu & Nikta Daijavad on
The SEC published in March 2022 a dauntingly complex proposal to require public companies to provide climate-related disclosures.[1] The period for public comment on the proposal is very short, and it seems clear that a majority of the Commission is determined to proceed quickly.
Continue Reading The SEC’s Climate Proposal – Top Points for Comment
Cybersecurity: Data Breaches, Ransomware Attacks and Increased Regulatory Focus
By Jonathan S. Kolodner, Rahul Mukhi, Lillian Tsu & Anthony M. Shults on
Posted in Breach Notifications, Cybersecurity, Enforcement, Litigation, Privacy, Regulatory, United States
A 2021 survey of chief legal officers demonstrated that cybersecurity has overtaken compliance as the most significant legal risk that businesses face today. This should not come as a surprise as 2021 brought a series of high-profile cyberattacks on major companies and U.S. infrastructure targets.
Continue Reading Cybersecurity: Data Breaches, Ransomware Attacks and Increased Regulatory Focus