On February 9, 2022, the SEC released its much-anticipated proposed rules relating to cybersecurity risk management, incident reporting, and disclosure for investment advisers and funds. Many of the proposals follow…
On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…
On October 13, the annual Securities and Exchange Commission Speaks seminar concluded with presentations from the Examination, Enforcement, and Investment Management divisions. As SEC regulated entities (including publicly traded companies,…
As part of our ongoing series on enforcement actions by the Securities and Exchange Commission (“SEC”) in data- and cybersecurity-related matters (here, here, and here), we have been closely tracking…
The U.S. Securities and Exchange Commission this week took the rare step of penalizing a company for its allegedly poor disclosure of a cyber incident. The SEC announced a $1…
On 19 January 2021, the UK Information Commissioner’s Office (the “ICO”) published its September 2020 letter to the Securities and Exchange Commission (the “SEC”) analysing the GDPR’s impact on UK-based…