Although the Securities and Exchange Commission doesn’t require companies to disclose cybersecurity risks and incidents, companies should establish a disclosure framework in light of the SEC’s cybersecurity guidance, attorneys said March 7 at the International Association of Privacy Professionals Global Privacy Summit.
General counsels have identified cybersecurity as their number one issue three years in a row in one survey, Mary Ellen Callahan, chair of the Privacy and Information Governance Practice at Jenner & Block LLP and former chief privacy officer at the Department of Homeland Security, said.
The Securities and Exchange Commission began to review public company disclosures on ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.