On May 16, 2024, the U.S. Securities and Exchange Commission finalized amendments to Regulation S-P (the Amendments) that largely adopt the proposed amendments the SEC issued in 2023. As discussed in further detail below, the Amendments will require broker-dealers, investment companies, SEC-registered investment advisers, funding portals, and transfer agents registered with the SEC or other

On May 21, 2024, U.S. Securities and Exchange Commission Director of the Division of Corporation Finance Erik Gerding issued a statement clarifying when the SEC expects companies to disclose a cyber incident. This clarification helps guide public companies who wish to disclose a cyber incident but who have not yet determined if the incident is

Jena M. Valdetero, Co-Chair of the firm’s Data Privacy and Cybersecurity Practice, and Steven M. Malina, a member of GT’s Litigation Practice, were quoted in a Dark Reading article titled “Orgs Face Major SEC Penalties for Failing to Disclose Breaches.”

Click here to read the full article, published by Dark Reading

  1. Cybersecurity Rules by the SEC and the EU – Both the Security and Exchange Commission’s public company cybersecurity disclosure and breach notification rules as well as the implementation of the EU NIS 2 Directive will drive increased focus from management and the board on cybersecurity risks, preventive measures, and incident response. Expect to see another

As detailed in our July 2023 GT Alert, the Securities and Exchange Commission (SEC) now requires public companies to file a Form 8-K and disclose a material cybersecurity incident within four days of determining the incident’s materiality. Form 8-K Item 1.05(c) includes an exception to the four-day requirement: where disclosure poses a substantial risk

Greenberg Traurig Shareholders Jena M. Valdetero, Co-Chair of the U.S. Data Privacy & Cybersecurity Practice, and Steven M. Malina will present the Thomson Reuters West LegalEdcenter and Celesq webinar, “Keeping up with the SEC: Unpacking the New Public Company Cybersecurity Rule and Enforcement,” on Friday, Dec. 1 at 12:00 p.m. EST.

This

In a Halloween-eve move sure to send shivers down the spines of every public company’s CISO, on Oct. 30, the SEC filed a securities fraud complaint targeting SolarWinds’ CISO in the wake of their major December 2020 data security incident. The SEC alleges SolarWinds and its CISO committed securities fraud in connection with multiple public

On July 26, 2023, the SEC proposed new rules applicable to registered investment advisers and broker-dealers intended to prevent and neutralize the effects of certain conflicts of interest relating to the use of predictive data analytics (PDA), natural language processing (NLP), artificial intelligence (AI) and other “covered technologies” in interactions with clients. Click here to

Join Greenberg Traurig’s Data, Privacy & Cybersecurity Practice for an interactive CLE symposium in Chicago on Wednesday, October 12. Attendees will hear from GT team members and industry peers on a variety of new privacy, cybersecurity, and tech issues. Speakers will also provide timely and practical tips for addressing these issues, with particular emphasis