On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC” or “Commission”) adopted rules to enhance and standardize disclosure requirements related to cybersecurity incident reporting and cybersecurity risk management, strategy, and governance.

Continue Reading New SEC Disclosure Rules for Cybersecurity Incidents and Governance and Key Takeaways

The SEC published in March 2022 a dauntingly complex proposal to require public companies to provide climate-related disclosures.[1]  The period for public comment on the proposal is very short, and it seems clear that a majority of the Commission is determined to proceed quickly.
Continue Reading The SEC’s Climate Proposal – Top Points for Comment

A 2021 survey of chief legal officers demonstrated that cybersecurity has overtaken compliance as the most significant legal risk that businesses face today. This should not come as a surprise as 2021 brought a series of high-profile cyberattacks on major companies and U.S. infrastructure targets.
Continue Reading Cybersecurity: Data Breaches, Ransomware Attacks and Increased Regulatory Focus