After a bit of last-minute drama, the SEC on Wednesday issued its guidance for public company cybersecurity disclosures. The Commission’s guidance document emphasizes companies’ disclosure obligations under existing law and requirements. The statement also underscores the Commission’s concerns about insider trading prohibitions and the obligation of reporting companies to refrain from making selective disclosures about nonpublic information. As discussed below, the Commission’s Democratic members criticized the statement for not going far enough. The Commission’s February 21, 2018 press release about the cybersecurity disclosure guidance can be found here. The Commission’s statement and guidance on cybersecurity disclosure can be found here. SEC Chair Jay Clayton’s statement about the Commission’s guidance can be found here.
Continue Reading SEC Releases Cybersecurity Disclosure Guidance