On July 26, the Securities and Exchange Commission adopted a new rule regarding cybersecurity risk management, strategy, governance, and incident disclosure.  The “Cybersecurity Incident Disclosure Rule” will be applicable to public companies subject to the reporting requirements of the Securities Exchange Act of 1934. It is premised on the belief that investors will benefit from more timely and consistent disclosure about material cybersecurity incidents, and follows interpretive guidance the SEC issued in 2011 and 2018. The Final Rule will take effect 30 days after being published in the Federal Register – likely by September 1.

Welcome to the Constangy Cyber Advisor! Our 44-member cybersecurity and data privacy team is excited to announce we have joined the nationally renowned labor and employment law firm Constangy, Brooks, Smith & Prophete, LLP! As part of this move, the Constangy Cyber Team will regularly post blogs to the Constangy Cyber Advisor about significant data privacy and information security issues. Our blog posts will be informed by the thousands of data breaches we have managed, the dozens of new data breaches we manage each week, the robust compliance advisory services we provide to our clients, and the complex data privacy and security litigation on which we consult with our class action litigators.