Will Recent Data Breaches Impact the 2018 Filing Season?

Will Recent Data Breaches Impact the 2018 Filing Season?

One can only hope that the recently uncovered data breach at Uber—which exposed the data of more than 50 million individuals and involved a company-authorized hush payment of $100,000 to the hackers—was, to borrow a term, a unicorn. Colorful (and possibly criminal) details aside, the Uber breach is just the latest in a series of high-profile hacks this year, which collectively call into question the SEC’s effectiveness in policing cyber-risk disclosures. This proxy season may provide some answers, as the panelists on an Intelligize webinar will discuss (details below).

Having been victimized by its own breach announced this past September, the SEC may not be in the best position to play authority on cybersecurity. Nonetheless, the agency’s recent focus on cybersecurity, among other tea leaves, suggest that more is coming on disclosure requirements.

Even before assuming the chairmanship of the SEC in May 2017, Jay Clayton had been an outspoken proponent of robust cyber-related disclosures. “Issuers should consider whether their publicly filed reports adequately disclose information about their risk management governance and cybersecurity risks, in light of . . . current and evolving cyber threats,” he said in a September 2017 statement.

Current regulations, it seems, lack the clarity of the chairman’s rhetoric. It’s understood that a significant cyberbreach must be included under Item 8.01 of Form 8-K; beyond that, however, issuers have complained that the agency’s guidance remains murky. Meanwhile, recent comments made by William Hinman, director of the SEC’s Division of Corporation Finance, affirm that the SEC will soon issue new guidance around cybersecurity risk factor disclosure. No one expects the SEC to put an end to data breaches altogether, but these factors—along with the intensifying severity of data breaches—make some form of SEC action to increase transparency on cyber-risk feel imminent.

How will these cyber issues impact the 2018 filing season? In an upcoming webinar – moderated by Intelligize’s Marc Butler – a panel of experts will discuss:

  • How incident response has evolved with the increase in cybersecurity events;
  • What others in the industry are doing in regard to cyber liability insurance;
  • Timing of disclosure in periodic reports, when should you disclose and how much do you report; and
  • What is the litigation path beginning to look like? What to expect?

The event will take place December 6. Our panelists are: Daimon Geopfert, a principal with the risk advisory services group at RSM; Frances Goins, co-chair of Ulmer & Berne’s Data Privacy & Information Security group and the firm’s Financial Services & Securities Litigation group; Craig A. Newman, partner and head of the Privacy & Data Security practice at Patterson Belknap Webb & Tyler; and Judy Selby, principal of Judy Selby Consulting and a former partner at BakerHostetler.

To register for the complimentary 45-minute event, click here.

Latest Articles

SEC Taking an Interest in Accounting Enforcement

The implosions of Silicon Valley Bank and Signature Bank this month may have come as a surprise to KPMG LLP, one of the so-called Big Four accounting ...

Execs’ 10b5-1 Plans Reportedly at Heart of Silicon Valley Bank Investigation

What did Silicon Valley Bank executives know, and when did they know it? Ever since the financial institution of choice for venture capital-backed ...

Revived SEC Admissions Policy Fizzled in First Year

You could be forgiven if you don’t recall an announcement made by a Securities and Exchange Commission official in 2021. A killer virus spreading ar...