SEC Final Rules Layout Companies’ Reporting Duty for Cybersecurity Incidents, Risk Management, Strategy and Governance

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring U.S. public companies to disclose material cybersecurity incidents on Form 8-K and, on an annual basis, disclose material information regarding their cybersecurity risk management, strategy and governance on Form 10-K. The final rules also require foreign private issuers to make comparable disclosures on Forms 6-K and 20-F.

Read the full Alert on the Duane Morris LLP website.

© 2009- Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress