Skadden Discusses FBI DOJ and SEC Guidance on Disclosing Cybersecurity Incidents

The CLS Blue Sky Blog

Brian V. Breheny Raquel Fox William E. Ridgway David A. Simon Khadija L. Messina

Partners Brian Breheny, Raquel Fox, William Ridgway and David Simon and associate Khadija Messina discuss the SEC’s now-effective cybersecurity incident reporting rules, which provide that companies may delay required disclosure — which becomes public immediately upon filing — if it poses a substantial risk to national security or public safety. The authors review guidance published by the FBI, DOJ and SEC detailing determining factors.