• A Practical Guide to Implementing SEC Guidance on Disclosure of Cybersecurity Risks and Cyber Incidents
  • January 17, 2012 | Authors: Laura Hewett; Brittain A. Rogers; Keith M. Townsend
  • Law Firm: King & Spalding LLP - Atlanta Office
  • Recent, high-profile cyber attacks and cybersecurity lapses have resulted in a serious focus on cybersecurity from the Obama administration, the Senate and the SEC. In the past year, there were reports of cyber thieves hacking corporate networks to steal customer data from financial services firms and retailers, intellectual property from life sciences, technology and industrial companies and information regarding the location of major oil reserve from multinational oil companies. This proliferation of cyber attacks led to five U.S. senators writing to SEC Chairwoman Mary Schapiro asking the SEC to develop and publish interpretive guidance on the disclosure of cybersecurity risks by public companies. The SEC’s Division of Corporation Finance staff did so in October 2011 (www.sec.gov/divisions/corpfin/guidance/cfguidancetopic2. htm).