David R. Owen and Kenneth Ritz Publish “When Security Fails: Increasing Focus at the SEC on Cybersecurity Disclosure and Internal Controls” in the New York Law Journal
Virtually all of the world’s commercial data and information has become remotely accessible from almost anywhere, creating an explosion of corporate productivity and efficiency, as well as a never-ending stream of hackers hoping to take criminal advantage of it. Recent COVID-19 lockdowns and mass migration to remote work have highlighted both the power and the continuing vulnerabilities of this evolution. To assist investors in understanding the evolving risks, the Securities and Exchange Commission (the “SEC”) has shown a steadily increasing focus on cybersecurity disclosures in recent years, and that trend is almost certain to continue with new rule amendments expected in April of this year.
In a new article for the New York Law Journal, partner David Owen and associate Ken Ritz explore the SEC’s increased focus on cybersecurity disclosure and internal controls, including the regulatory framework and recent enforcement actions for inadequate controls.
NYLJ_When Cybersecurity Fails_Cahill_3.7.22.pdf (pdf | 241.84 KB )