The SEC has charged four companies for making materially misleading public disclosures of cyber incidents and risks, alleging that each minimized the effects of the 2020 SolarWinds attack on its business. Two commissioners strongly dissented, arguing that the enforcement staff went astray by demanding an array of incident details that muddied the picture for the investor, while not adding clarity about the incident’s impact. This article, the first of a two-part series, examines key takeaways from the actions and discusses the risks and materiality questions spotlighted by the cases and the dissent, with insights from former SEC enforcers now at McGuireWoods and Fenwick & West. Part two will offer practical recommendations about what to include in cybersecurity disclosures and predictions about future enforcement. See “A Framework for Materiality Determinations Under SEC’s Cyber Incident Disclosure Rules” (Jul. 10, 2024).