SEC’s New Mandatory Cybersecurity Disclosure Rules: Maintaining Compliance and Avoiding Enforcement Risks
Enhanced Disclosures Regarding Cybersecurity Risk Management, Strategy, Governance and Incident Reporting
Recording of a 90-minute CLE video webinar with Q&A
This CLE webinar will discuss the SEC's recent adoption of rules requiring public companies to more immediately disclose cybersecurity incidents and provide annual disclosures regarding the company's cybersecurity risk management strategy and cybersecurity governance. The panel will examine the new rule's requirements and provide practical guidance for maintaining compliance and avoiding enforcement risks.
Outline
- Overview of the SEC's new cybersecurity disclosure rules
- Cybersecurity incident disclosure requirement in Form 8-K or Form 6-K
- Updates on previously reported cybersecurity incidents required in amended Form 8-K or Form 20-F
- New cybersecurity governance disclosure requirements in annual reports on Form 10-K and Form 20-F
- Compliance deadlines
- Practical guidance and takeaways for implementing policies and procedures to address the new rules
- Potential implications of the public disclosure of a company's cybersecurity incidents
Benefits
The panel will address these and other key issues:
- What are the new Form 8-K filing requirements?
- What are the new cybersecurity governance disclosure requirements for annual reports on Forms 10-K and 20-F?
- What are the changes to Regulation S-K and how should companies disclose their processes for assessing, identifying, and managing material risks from cybersecurity threats?
- What are the corporate governance matters relating to the board of directors' and management's oversight of cybersecurity matters?
- What are the implications of these new rules on how companies will respond to future cyber incidents?
Faculty
Shardul Desai
Partner
Holland & Knight
Mr. Desai is a cybersecurity, data privacy, and white collar defense and government investigations attorney. He has... | Read More
Mr. Desai is a cybersecurity, data privacy, and white collar defense and government investigations attorney. He has extensive experience in handling cyber intrusions and data breaches, trade secret thefts, emerging technology matters and complex white collar investigations. With a computer science and physics background, Mr. Desai is highly skilled and knowledgeable to advise companies on novel issues at the intersection of law, technology and data privacy. He is also a Certified Information Privacy Professional in the United States (CIPP/US) with the International Association of Privacy Professionals (IAPP). Mr. Desai is a former federal prosecutor in the Cyber and National Security Section and the Economic Crimes Section at the U.S. Attorney's Office for the Western District of Pennsylvania.
Close
J.D. Koesters
Counsel
K&L Gates
Mr. Koesters is counsel in the firm’s Investigations, Enforcement, and White Collar Group. With over a decade of... | Read More
Mr. Koesters is counsel in the firm’s Investigations, Enforcement, and White Collar Group. With over a decade of experience in the Department of Justice and Department of Defense, he advises clients on internal investigations and government enforcement actions in a variety of industries. As a Certified Information Privacy Professional in the U.S. (CIPP/US) and a former national security advisor for Army Cyber Command, Mr. Koesters works with clients on emerging issues involving data privacy regulations, cybersecurity requirements, and data breach incidents.
Close