On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted its long-anticipated cybersecurity reporting rule (the “Final Rule”). The Final Rule applies to public companies subject to the reporting requirements of the Securities Exchange Act of 1934 and, in some cases, to foreign private issuers. As quoted in the SEC’s press release, SEC Commissioner Gary Gensler noted that many public companies already make cybersecurity disclosures to investors, and the Final Rule provides uniformity and structure for these future disclosures. The Final Rule also imposes a tight timeline for cybersecurity incident reporting and may include disclosure of an ongoing cybersecurity incident, as well as requiring periodic disclosures concerning organizational cybersecurity risk management processes and governance.
Blog Editors
Recent Updates
- Medicaid Behavioral Health Investigations and Payment Suspensions in D.C. Are Increasing – How Providers Can Limit Risk
- ‘Emilie’ Is Not a Psychiatrist: Pennsylvania Board of Medicine Alleges Unlawful Practice of Medicine by an AI Chatbot
- DOJ’s West Coast Strike Force to Target Health Care Fraud in Arizona, Nevada, and Northern California
- DOJ FOCUS Initiative Prioritizes “High Quality” Data Miner Actions by FCA Whistleblowers
- FDA Proposal Would Leave Semaglutide, Tirzepatide, and Liraglutide Off 503B Bulks List