Since the Securities and Exchange Commission’s Cybersecurity Incident Disclosure Rule (SEC Rule) took effect Dec. 18, 2023, about a dozen companies have filed a Form 8-K reporting a material cybersecurity incident. This GT Alert discusses the trends on how companies have made these disclosures thus far. In short, the companies who have filed an 8-K

  1. Cybersecurity Rules by the SEC and the EU – Both the Security and Exchange Commission’s public company cybersecurity disclosure and breach notification rules as well as the implementation of the EU NIS 2 Directive will drive increased focus from management and the board on cybersecurity risks, preventive measures, and incident response. Expect to see another

As detailed in our July 2023 GT Alert, the Securities and Exchange Commission (SEC) now requires public companies to file a Form 8-K and disclose a material cybersecurity incident within four days of determining the incident’s materiality. Form 8-K Item 1.05(c) includes an exception to the four-day requirement: where disclosure poses a substantial risk

The risks associated with data collection and processing are at an all-time high. Data protection is a high-stakes game that is difficult to track since there is no universal legal requirement to disclose information related to data breaches. Newly released research from IBM shows that the average global cost of a single data breach in

Greenberg Traurig Shareholders Jena M. Valdetero, Co-Chair of the U.S. Data Privacy & Cybersecurity Practice, and Steven M. Malina will present the Thomson Reuters West LegalEdcenter and Celesq webinar, “Keeping up with the SEC: Unpacking the New Public Company Cybersecurity Rule and Enforcement,” on Friday, Dec. 1 at 12:00 p.m. EST.

This

David A. Zetoony, co-chair of global law firm Greenberg Traurig, LLP’s U.S. Data Privacy & Cybersecurity Practice, has been named a top “Legal Influencer” in the field of Technology, Media and Telecommunications (TMT) – Europe by Lexology. TMT includes compliance with European data privacy and security laws, including those that regulate

In a Halloween-eve move sure to send shivers down the spines of every public company’s CISO, on Oct. 30, the SEC filed a securities fraud complaint targeting SolarWinds’ CISO in the wake of their major December 2020 data security incident. The SEC alleges SolarWinds and its CISO committed securities fraud in connection with multiple public

Brad M. Rostolsky and Catherine E. Galea, members of Greenberg Traurig’s Data Privacy & Cybersecurity and Health Care & FDA Practices, co-authored a Philadelphia Business Journal “Thought Leadership Forum” article titled “Cybersecurity/AI Forum: Greenberg Traurig.”

Click here to read the full article, published by the Philadelphia Business Journal Oct. 27, 2023. Reprinted with permission.