Author

On May 16, 2024, the SEC adopted amendments to Regulation S-P (“Reg S-P”) one year after its proposed amendments (the “Proposed Amendments”). The finalized amendments (“Amended Reg S-P”) largely track…

Adding to the growing number of cybersecurity incident reporting obligations, the Cybersecurity and Infrastructure Security Agency (“CISA”) has introduced a reporting requirement that will impact all critical infrastructure sectors, featuring…

The SEC’s new cybersecurity rules for public companies became effective on December 18, 2023. The rules require disclosure of a cybersecurity event within four business days of a determination that it…