October 15, 2021

In this article, Partners Brian R. Boch and Charles D. Riely and Associate Bill R. Erlain highlight key factors for a public company to consider in determining whether and how it should disclose a cybersecurity breach in light of recent SEC guidance, enforcement actions and investigations, and private securities actions. The authors also discuss recent actions indicating that the SEC has ramped up its enforcement scrutiny of cybersecurity breach disclosures.