Will Recent Data Breaches Impact the 2018 Filing Season?

Will Recent Data Breaches Impact the 2018 Filing Season?

One can only hope that the recently uncovered data breach at Uber—which exposed the data of more than 50 million individuals and involved a company-authorized hush payment of $100,000 to the hackers—was, to borrow a term, a unicorn. Colorful (and possibly criminal) details aside, the Uber breach is just the latest in a series of high-profile hacks this year, which collectively call into question the SEC’s effectiveness in policing cyber-risk disclosures. This proxy season may provide some answers, as the panelists on an Intelligize webinar will discuss (details below).

Having been victimized by its own breach announced this past September, the SEC may not be in the best position to play authority on cybersecurity. Nonetheless, the agency’s recent focus on cybersecurity, among other tea leaves, suggest that more is coming on disclosure requirements.

Even before assuming the chairmanship of the SEC in May 2017, Jay Clayton had been an outspoken proponent of robust cyber-related disclosures. “Issuers should consider whether their publicly filed reports adequately disclose information about their risk management governance and cybersecurity risks, in light of . . . current and evolving cyber threats,” he said in a September 2017 statement.

Current regulations, it seems, lack the clarity of the chairman’s rhetoric. It’s understood that a significant cyberbreach must be included under Item 8.01 of Form 8-K; beyond that, however, issuers have complained that the agency’s guidance remains murky. Meanwhile, recent comments made by William Hinman, director of the SEC’s Division of Corporation Finance, affirm that the SEC will soon issue new guidance around cybersecurity risk factor disclosure. No one expects the SEC to put an end to data breaches altogether, but these factors—along with the intensifying severity of data breaches—make some form of SEC action to increase transparency on cyber-risk feel imminent.

How will these cyber issues impact the 2018 filing season? In an upcoming webinar – moderated by Intelligize’s Marc Butler – a panel of experts will discuss:

  • How incident response has evolved with the increase in cybersecurity events;
  • What others in the industry are doing in regard to cyber liability insurance;
  • Timing of disclosure in periodic reports, when should you disclose and how much do you report; and
  • What is the litigation path beginning to look like? What to expect?

The event will take place December 6. Our panelists are: Daimon Geopfert, a principal with the risk advisory services group at RSM; Frances Goins, co-chair of Ulmer & Berne’s Data Privacy & Information Security group and the firm’s Financial Services & Securities Litigation group; Craig A. Newman, partner and head of the Privacy & Data Security practice at Patterson Belknap Webb & Tyler; and Judy Selby, principal of Judy Selby Consulting and a former partner at BakerHostetler.

To register for the complimentary 45-minute event, click here.

Related Articles

BlackRock Bets on Its ESG Record

As the manager of $8.7 trillion in assets, BlackRock has a big voice in the business community. It famously exercises that voice in an annual letter t...

Is the SEC Ready to Play Ball with SPACs?

If you’re a baseball card enthusiast who left your collection to gather dust in an attic somewhere, you may want to stop reading now. Earlier this y...

Infrastructure Plan Builds Corporate Tax Debate

In the S-1 filed ahead of its April IPO, Frontier Airlines cited several risk factors it said could threaten its business model of providing cheap fli...