In an act welcomed by many companies and investors, the SEC’s Division of Corporation Finance issued guidance to public companies on October 13 regarding disclosure obligations for data breaches.

The new guidance is consistent with the intent of existing Federal Securities laws that were partially designed to elicit information from registrants in the broader sense regarding events that would reasonably be considered important to investment decisions.  The guidance in this case is focused more acutely on cyber incidents or events that might have a similar impact on such decisions.  Read More…