SEC Cyber Incident Disclosures Show Confusion on “Materiality,” Limited Info on Cyber Insurance and Unexpected Whistleblowers

It’s been a year since public companies had to start complying with new SEC cyber incident disclosure rules requiring Form 8-Ks for “material” cyber events. Law firm Paul Hastings has now released a study of 75 disclosures from 45 companies between December 2023 and October 2024. It shows a 60% increase in the number of …

EU Countries Blow Off New Cyber Security Regulations & European Commission Is Not Pleased

The European Commission has launched “infringement procedures” against a majority of its member states for failing to meet an October deadline to enact EU cyber security regulations. The regulations come in two packages: the NIS2 Directive, aimed at enhancing cyber security, and the Critical Entities Resilience (CER) Directive, focused on safeguarding critical infrastructure. “The Commission …

CISO Liability Concerns Grow with Enhanced Disclosure Rules

Chief Information Security Officers (CISOs) face growing personal liability risks amid increasing cybersecurity threats and stricter regulations. Recent Securities and Exchange Commission (SEC) actions have targeted CISOs individually. For the first time, the SEC charged a CISO with fraud and internal control failures related to cybersecurity. New SEC disclosure rules now require timely reporting of …

SEC Hits Firms with Millions in Fines for Inadequate Cyber Disclosures; Sparks Dissent on Commission

Four companies have settled charges by the Securities and Exchange Commission (SEC) that they made “materially misleading disclosures” after being breached in 2020 by the SolarWinds Orion software hack. (US public companies have been required to disclose material cyber events since last year.) But two of five SEC commissioners dissented on the charges, …

Ransomware Response Must Evolve: Deputy National Security Adviser Calls for Ban on Ransomware Payments

Anne Neuberger, the U.S. Deputy National Security Adviser for Cyber and Emerging Technology, wrote an opinion piece in the Financial Times on the evolving nature of ransomware attacks and the need for an updated response. This piece revisits the issue of banning ransomware payments, a topic we’ve previously covered as the ransomware crisis continues to …
