In a FinTech Law Report article, data, privacy & cybersecurity partner Fran Faircloth (Washington, D.C.) examines a recent U.S. Securities and Exchange Commission settlement demonstrative of the Commission’s continued attention to public companies’ disclosures of cybersecurity incidents and its commitment to a broad notion of what constitutes such incidents.
The author note that UK-based education publisher Pearson plc is the third data breach settlement from the SEC. In each settlement, the SEC has stressed the importance of adequate disclosure controls and procedures, which are necessary to enable public companies to make timely disclosure of cybersecurity incidents. According to the author, the SEC appears to be pursuing an approach to data breach disclosures that is significantly more aggressive than is required under state data breach laws.
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.