It’s a material world—why the SEC’s Yahoo! penalty really matters
Determining whether to notify when struck by a cyberattack can be a complex undertaking, but the SEC’s recent $35 million penalty levied on Yahoo! Inc. for untimely disclosure of its breach raises the stakes for corporations. The need for a proactive, well-thought-out regulatory notification strategy, and for awareness of the dangers of default non-disclosure positions, has never been greater.
- SEC guidance requires that organizations “take all required actions to inform investors about material cybersecurity risks and incidents in a timely fashion.”
- There is no bright-line rule delineating what constitutes materiality, putting a premium on sound judgment and well-designed policies.
- Organizations can help themselves by being able to “show their math” as to how decisions to disclose or not were made.