On October 22, 2024, the U.S. Securities and Exchange Commission (the “SEC”) announced settled charges in separate actions against four technology companies—Avaya Holdings Corp. (“Avaya”), Check Point Software Technologies Ltd.…
On July 18, 2024, in the landmark SEC v. SolarWinds Corp. case, U.S. District Judge Paul Engelmayer dismissed the majority of the claims brought by the U.S. Securities and Exchange Commission (the…
June 27, 2024 On June 24, 2024, the staff of the Division of Corporation Finance of the Securities and Exchange Commission (the “SEC”) released five new Compliance & Disclosure Interpretations…
In an unprecedented settlement, on June 18, 2024, the U.S. Securities & Exchange Commission (the “SEC”) announced that communications and marketing provider R.R. Donnelley & Sons Co. (“RRD”) agreed to…
On December 18, 2023, the Securities and Exchange Commission’s (the “SEC”) rule requiring disclosure of material cybersecurity incidents became effective. To date, 11 companies have reported a cybersecurity incident under…
In July, we previewed the new rules adopted by the Securities and Exchange Commission (“SEC”) for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. Under these rules, Item 1.05 of…
As we approach the end of the year, here are the Top 10 SEC cyber posts on the Debevoise Data Blog in 2023 by page views. If you are not…
The SEC’s new cybersecurity rules for public companies became effective on December 18, 2023. The rules require disclosure of a cybersecurity event within four business days of a determination that it…
On December 1, 2023 partners from our Data Strategy & Security, Securities Enforcement, and Capital Markets practices discussed practice tips to implement the SEC’s new cybersecurity rules. Receive the full…
On November 7, 2023, the profilic ransomware group AlphV (a/k/a “BlackCat”) reportedly breached software company MeridianLink’s information systems, exfiltrated data and demanded payment in exchange for not publicly releasing the…