Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks

The SEC has continued to emphasize cybersecurity preparedness, yet it has promulgated no specific requirement forcing public companies to disclose cybersecurity risks and incidents. In response, public companies are agonizing over how to proactively mitigate cyber attacks, how much information should be disclosed, and when such disclosures should be made. In a guest article, Richard A. Blunk, managing director and general counsel of Thermopylae Ventures, LLC and Apprameya Iyengar, an attorney at Morrison Cohen LLP, provide key considerations for public companies mitigating and disclosing cybersecurity risks. See also “Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part One of Two)” (Aug. 12, 2015); Part Two (Aug. 26, 2015).

To read the full article

Continue reading your article with a CSLR subscription.