SEC Considering Enforcement Actions Due To Inadequate Cybersecurity Disclosures

KL
Kramer Levin Naftalis & Frankel LLP

Contributor

Kramer Levin provides its clients proactive, creative and pragmatic solutions that address today’s most challenging legal issues. The firm is headquartered in New York with offices in Silicon Valley and Paris and fosters a strong culture of involvement in public and community service. For more information, visit www.kramerlevin.com
Acting SEC enforcement director Stephanie Avakian says the agency may file formal enforcement actions against public companies that fall short of cyber incident and risk reporting requirements.
United States Technology

Acting SEC enforcement director Stephanie Avakian says the agency may file formal enforcement actions against public companies that fall short of cyber incident and risk reporting requirements. While the agency has yet to do so since issuing guidance on the topic in 2011, Avakian told a recent panel session of the International Association of Privacy Professionals' Global Privacy Summit she could foresee circumstances where it would be necessary to file suit. Despite the SEC's willingness to pursue an enforcement action, Avakian also sought to reassure it would not target companies that make "good faith disclosure decisions" that nonetheless fall short of expectations.

Link To Article

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More