Craig Hoffman Journalist Profile

Articles

2024 SEC Cybersecurity Rule Updates | JD Supra

Jan 7, 2025 | jdsupra.com | Eric B. Gyasi |Craig Hoffman |Janet Spreen

Key Takeaways: Impact Assessment Process – Verify that there is an internal protocol and process for (1) detecting cybersecurity incidents, (2) classifying incidents by potential impact (e.g., low, medium, high, critical), (3) escalating incidents based on severity classification to a committee that evaluates disclosure obligations (e.g., escalate all high and critical incidents), (4) assessing impact based on applicable qualitative and quantitative factors, (5) determining and documenting...
The SEC’s Regulation of Cybersecurity Continues | JD Supra

Jun 25, 2024 | jdsupra.com | Elise Elam |Craig Hoffman

The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the SEC regarding a December 2021 ransomware incident.
The SEC’s Regulation of Cybersecurity Continues

Jun 24, 2024 | lexology.com | Elise Elam |Craig Hoffman

The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the SEC regarding a December 2021 ransomware incident.
Addressing the SEC’s New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Requirements | JD Supra

Oct 27, 2023 | jdsupra.com | Eric B. Gyasi |John Harrington |Craig Hoffman

Key Takeaways On July 26, 2023, the Securities and Exchange Commission (SEC) adopted new rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incidents. The rules require reporting companies to file a Form 8-K under a new Item 1.05 to report certain information in the event of a material cybersecurity incident.
Addressing the SEC’s New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Requirements

Oct 26, 2023 | lexology.com | Janet Spreen |John Harrington |Craig Hoffman |Eric B. Gyasi

Key TakeawaysOn July 26, 2023, the Securities and Exchange Commission (SEC) adopted new rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incidents. The rules require reporting companies to file a Form 8-K under a new Item 1.05 to report certain information in the event of a material cybersecurity incident.
The SEC's Proposed Cybersecurity Rules: Regulatory Delay Does Not Bless Standing By

Jul 24, 2023 | lexology.com | Jonathan A. Forman |Craig Hoffman |Michelle N. Tanney

Key TakeawaysSince 2022, the U.S. Securities and Exchange Commission (SEC) has proposed several cybersecurity rules applicable to numerous regulated entities that, if adopted, would impose quick notification obligations and heightened disclosure requirements. Amid significant pushback during the public comment period, the SEC announced it would delay issuance of these rules, which are now expected to be finalized in October 2023 and April 2024.

Contact details

Emails

[email protected]

Socials & Sites

Try JournoFinder For Free

Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.

Start Your 7-Day Free Trial →

Craig Hoffman

Articles

2024 SEC Cybersecurity Rule Updates | JD Supra

The SEC’s Regulation of Cybersecurity Continues | JD Supra

The SEC’s Regulation of Cybersecurity Continues

Addressing the SEC’s New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Requirements | JD Supra

Addressing the SEC’s New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Requirements

The SEC's Proposed Cybersecurity Rules: Regulatory Delay Does Not Bless Standing By

Contact details

Emails

Socials & Sites