Follow Us
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by public companies subject to the Securities Exchange Act of 1934. The final rules passed by a narrow 3-2 vote, which is representative of the compromise required to enact these much commented on rules that will be burdensome, especially for public companies with underdeveloped cybersecurity programs. The adoption of these SEC cybersecurity rules demonstrates that cybersecurity is a top corporate risk today and that the SEC is arming investors with information to better evaluate it. In Commissioner Caroline Crenshaw’s statement on the SEC rules’ adoption, she noted that, “cybersecurity breaches reported by public companies increased by nearly 600% in the last decade and the costs, borne by issuers and their investors, are estimated to be in the trillions of dollars per year in the U.S. alone.” Since cybersecurity risks and the cost of resolving cyber incidents have increased alongside the digitalization of operations, the growth of remote work and the increasing reliance on third-party service providers for information technology services, the SEC has determined investors require more consistent, comparable, decision-useful and transparent disclosures to evaluate a company’s exposure to cybersecurity risks and incidents as well as a company’s ability to manage and mitigate those risks.
Continue reading by getting
started with a subscription.
Privacy Risk Management & Data Minimization
By Therese Craparo and Sarah Bruno
Many organizations — from growing start-ups to mature, well-established companies — are struggling with the new reality of what it means to manage data in an era of digital transformation, exponential data growth, and expanding regulatory regimes focusing on data management and minimization.
Digital Dibs: Rival Views of Generative AI Copyrights
By Greg Moreman
GAI platforms like ChatGPT and OpenAI often require very little human input, shattering this legal landscape’s framework by posing a simple question: Who authored the material? We’ll explore how two countries are answering this question in different ways.
Empowering Legal Professionals: Navigating AI Solutions for Efficiency and Data Security
By Michael T. Murray and Tony Donofrio
Integrating AI tools into legal practice without compromising the security of sensitive client information is a paramount concern. In this article, we’ll examine how AI is revolutionizing certain aspects of legal work, while offering best practices for employing these technologies and providing guidance for legal professionals in selecting the right AI products and service providers.
Pitfalls In Personal Device Data Collection
By Marjorie Peerce and Marguerite O’Brien
The increasing frequency of “bring your own device” policies creates serious implications for subpoena recipients and litigants to ensure compliance with discovery demands. And courts across the country consider such personal mobile data fair game. To avoid pitfalls —and sanctions — counsel must take proactive steps to ensure proper preservation and collection of personal mobile data and verify that clients comply.
Copyright © ALM Global, LLC. All Rights Reserved.
