by Francesca L. Odell, Rahul Mukhi, Tom Bednar, Nina E. Bell, and Greg Stephens
Left to right: Francesca L. Odell, Rahul Mukhi, Tom Bednar, and Nina E. Bell (Photos courtesy of Cleary Gottlieb Steen & Hamilton LLP) (Not Pictured: Greg Stephens)
The SEC pursued multiple high-profile enforcement actions in 2024, alongside issuing additional guidance around compliance with the new cybersecurity disclosure rules.
Together these developments demonstrate a continued focus by the SEC on robust disclosure frameworks for cybersecurity incidents. Public companies will need to bear these developments in mind as they continue to grapple with cybersecurity disclosure requirements going into 2025.