Key takeaways

• Yesterday, the SEC issued new Guidance regarding cybersecurity disclosure and governance requirements that reinforces and builds upon October 2011 guidance by the staff of the Division of Corporation Finance.
• The Guidance underscores the importance of robust and timely disclosures of cybersecurity incidents and risks.
• The Guidance also stresses the importance of controls and procedures related to cybersecurity and policies and procedures that guard against insider trading based on material non-public information about cyber incidents or risks.