Skip to Main Content
Article navigation
Volume 19, Issue 4
29 November 2018
Journal of Investment Compliance Cover Image for Volume 19, Issue 4
Technical Paper| October 31 2018

SEC announces new guidance for public company disclosures on cybersecurity risks Available to Purchase

Stuart Gelfond;
Stuart Gelfond
Fried, Frank, Harris, Shriver and Jacobson LLP, New York, New York,
USA

Deceased

Stuart Gelfond (stuart.gelfond@friedfrank.com) is partner at Fried, Frank, Harris, Shriver and Jacobson LLP, New York, New York, USA.

Search for other works by this author on:
This Site
PubMed
Google Scholar
Una Dean;
Una Dean
Fried, Frank, Harris, Shriver and Jacobson LLP, New York, New York,
USA

Una Dean (una.dean@friedfrank.com) is partner at Fried, Frank, Harris, Shriver and Jacobson LLP, New York, New York, USA.

Una Dean can be contacted at: una.dean@friedfrank.com
Search for other works by this author on:
This Site
PubMed
Google Scholar
Dave N. Rao;
Dave N. Rao
Fried, Frank, Harris, Shriver and Jacobson LLP, Washington, D.C., Washington, D.C.,
USA

Dave N. Rao (dave.rao@friedfrank.com) is a special counsel at Fried, Frank, Harris, Shriver and Jacobson LLP, Washington, D.C., Washington, D.C., USA.

Search for other works by this author on:
This Site
PubMed
Google Scholar
Justin Sedor
Justin Sedor
Fried, Frank, Harris, Shriver and Jacobson LLP, New York, New York,
USA

Justin Sedor (justin.sedor@friedfrank.com) is an associate at Fried, Frank, Harris, Shriver and Jacobson LLP, New York, New York, USA.

Search for other works by this author on:
This Site
PubMed
Google Scholar
Author & Article Information
Una Dean can be contacted at: una.dean@friedfrank.com
Publisher: Emerald Publishing
Online ISSN: 1758-7476
Print ISSN: 1528-5812
© 2018 Fried, Frank, Harris, Shriver &Jacobson LLP.
2018
2018 Fried, Frank, Harris, Shriver &Jacobson LLP.
Licensed re-use rights only
Journal of Investment Compliance (2018) 19 (4): 22–25.
https://doi.org/10.1108/JOIC-06-2018-0041
Purpose

To discuss the new guidance on public companies’ disclosure obligations regarding cybersecurity risks and incidents, which was recently unanimously approved by the Securities and Exchange Commission (SEC).

Design/methodology/approach

Outlines the general disclose requirements and the materiality standard set forth by the SEC, explains specific guidance on public company cybersecurity disclosure, and discusses cybersecurity risk management and insider trading policies.

Findings

In addition to clarifying the disclosure requirements with respect to cybersecurity issues, the article discusses two additional areas of concern identified by the New Guidance that public companies should consider in the context of cybersecurity and related disclosure. First, public companies must design and maintain policies and procedures to help manage cybersecurity risks and respond to incidents as they occur. Second, public companies should consider adopting insider trading policies that specifically prohibit management and other corporate insiders from trading on the basis of material non-public information regarding a cybersecurity risk or incident.

Originality/value

Practical analysis of the guidance on disclosure obligations regarding cybersecurity risks and incidents, including discussion surrounding two aspects of cybersecurity not previously addressed in prior SEC staff guidance on the topic.

Keywords:
Risk management, Insider trading, Cybersecurity, US Securities and Exchange Commission (SEC), Statement and Guidance on Public Company Cybersecurity Disclosures (the New Guidance)
© 2018 Fried, Frank, Harris, Shriver &Jacobson LLP.
2018
2018 Fried, Frank, Harris, Shriver &Jacobson LLP.
Licensed re-use rights only
You do not currently have access to this content.
Don't already have an account? Register

Purchased this content as a guest? Enter your email address to restore access.

Please enter valid email address.
Email address must be 94 characters or fewer.
Pay-Per-View Access
$39.00
Rental
This article is also available for rental through DeepDyve. Read this now at DeepDyve
Understanding regulatory trends: digital assets & anti-money laundering
ESG litigation – how companies can get ready, respond and resolve claims
Strengthening AML/CFT controls of digital payment token service providers in Singapore
SEC’s disclosure effectiveness initiative reshapes MD&A disclosure requirements

Suggested Reading

Liu v. S.E.C.: Supreme Court’s narrowing of SEC disgorgement raises questions for insider trading cases
Journal of Investment Compliance (November,2020)
SEC requires hedge funds to prevent insider trading despite unsettled legal definition
Journal of Investment Compliance (May,2017)
FINRA publishes its 2015 “Report on Cybersecurity Practices”
Journal of Investment Compliance (July,2015)
SEC issues cybersecurity exam observations
Journal of Investment Compliance (July,2015)
Cybersecurity in accounting research
Managerial Auditing Journal (July,2019)

Related Chapters

Risk Management in Fintech
The Emerald Handbook of Fintech: Reshaping Finance
Future of Digital Supply Chain Management
The Theory, Methods and Application of Managing Digital Supply Chains
A Framework for Dealing With Cybersecurity Risks as Part of Information Security
Digitalization, Sustainable Development, and Industry 5.0: An Organizational Model for Twin Transitions

Recommended for you

These recommendations are informed by your reading behaviors and indicated interests.

Cited By

Google Scholar
CrossRef (1)
This Feature Is Available To Subscribers Only

or Create an Account

Close Modal
Close Modal