Georgina McLeod

Aug 17, 2023 | jdsupra.com | Ralph R. Mazzeo |Georgina McLeod |Andrew P. Pontano

Key Takeaways ABS issuers have been exempted from the U.S. Securities and Exchange Commission's (“SEC”) final rule requiring certain cybersecurity risk and incident disclosure (the “Final Rule”).1 The SEC left open the possibility of disclosure and reporting requirements for cybersecurity risks tailored to ABS issuers noting that the SEC may “consider cybersecurity disclosure rules specific to asset-backed securities at a later date.” In March 2022, the SEC issued a proposed rule (the...

Aug 16, 2023 | lexology.com | Ralph R. Mazzeo |Andrew P. Pontano |Brenda R. Sharton |Timothy Spangler |Georgina McLeod

BackgroundIn March 2022, the SEC issued a proposed rule (the “Proposed Rule”) to expand and standardize disclosure and reporting requirements for public companies regarding cybersecurity risks, incidents and management.2 The SEC issued the Proposed Rule in response to a perceived rise in cybersecurity risks, the severity in cost and impact to companies experiencing cybersecurity attacks and the lack of standardization regarding disclosure.