On
Why We are Sending this Alert: To remind issuers that they should ensure that their disclosure controls and procedures address cybersecurity and include elements intended to ensure that there is an analysis of potential disclosure obligations arising from cyberattacks and security breaches.
Details of
The order finds that First American's senior executives were not informed that the company's information security personnel had identified the vulnerability several months earlier, but had failed to remediate it in accordance with the company's policies. The order finds that First American failed to maintain disclosure controls and procedures designed to ensure that all available, relevant information concerning the vulnerability was analyzed for disclosure in the company's public reports filed with the Commission.
"As a result of First American's deficient disclosure controls, senior management was completely unaware of this vulnerability and the company's failure to remediate it," said
Action Items: The order is a reminder that issuers should ensure that their disclosure controls and procedures address cybersecurity and include elements intended to ensure that there is an analysis of potential disclosure obligations arising from cyberattacks and security breaches. At a minimum, disclosure controls and procedures and related protocols should specifically provide that cybersecurity incidents are promptly escalated and investigated, and reported to senior management, and where appropriate, to the Board of Directors.
Issuers should also consider reviewing their compliance programs to address the potential applicability of restrictions against trading while in possession of material, nonpublic information in connection with a cyberattack or security breach.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
Mr
WI 53202
Tel: 312832 4500
Fax: 312832 4700
E-mail: info@foley.com
URL: www.foley.com
© Mondaq Ltd, 2021 - Tel. +44 (0)20 8544 8300 - http://www.mondaq.com, source