Regulators’ enforcement priorities evolve alongside technological changes and in response to consumer-impacting activities that are emphasized in news headlines. This trend can be seen in the SEC’s relatively recent focus on monitoring and bringing formal actions against opportunistic stock trading by corporate insiders who have knowledge of enterprise security incidents and data breaches.

As the SEC described in its 2018 guidance intended to assist public companies in preparing disclosures about cybersecurity risks and incidents: “Companies and their directors, officers, and other corporate insiders should be mindful of complying with the laws related to insider trading in connection with information about cybersecurity risks and incidents, including vulnerabilities and breaches.”

What follows is an overview of an article published in Cybersecurity Law Report (subscription paywall) last week by Greenberg Traurig’s Darren Abernethy regarding the interplay between corporate insider trading and cybersecurity incidents, including some possible planning steps for businesses to consider with legal counsel.
Continue Reading Insider Trading in the Data Breach Context: Proactive Corporate Planning and Regulatory Enforcement