snIP/ITs Insights on Canadian Technology and Intellectual Property Law

Author Archives / Veronique Wattiez Larose

Subscribe to posts by Veronique Wattiez Larose

Network Breached? Then Report It – New SEC Guidance on Cybersecurity Disclosure Obligations

Posted in Privacy, Regulatory Compliance

In light of the increasing rate of security breaches in industry and government, the US Securities and Exchange Commission (SEC) has issued guidelines encouraging public companies to disclose cyberattacks waged against them. The guidelines apply to both domestic US companies and foreign private issuers, and may therefore apply to Canadian companies registered in the US.

What types of disclosure are required?

A company is obligated to disclose material information relating to risks (e.g., a security system failure) and incidents (e.g., a security breach) if necessary to avoid misleading investors in light of other required disclosures.

When is disclosure required?

In … Continue Reading