Partners Anita Bandy, Brian Breheny, Raquel Fox, William Ridgway and David Simon discuss how new SEC rules and last year’s enforcement action against SolarWinds make it clear that directors are expected to actively engage in the oversight of their companies’ cybersecurity measures. The authors provide:
- A synopsis of the new SEC cyber disclosure rules.
- Key considerations for boards and directors.
- An overview of SEC cyber litigation and enforcement related to SolarWinds’ failure to manage cybersecurity risks.
- A cyberrisk and disclosures checklist for boards and senior executives.
- A list of factors that may make a cyberattack “material.”