Tag: Corp Fin Director Erik Gerding
Departure of Corp Fin Director
The SEC has just announced the departure of Corp Fin Director Erik Gerding at the end of this year. On his departure, Cicely LaMothe, the current Corp Fin Deputy Director, Disclosure Operations, will serve as Acting Director. Gerding has served as Corp Fin Director since February 2023, and recommended rules and amendments on climate disclosure, cybersecurity, SPACs, beneficial ownership reporting, universal proxy, clawbacks, sales under 10b5-1 plans and “pay versus performance.”
Corp Fin Director issues statement regarding sharing information about cybersecurity incidents
Yesterday, Corp Fin Director Erik Gerding issued a new statement, Selective Disclosure of Information Regarding Cybersecurity Incidents. As you know, last year the SEC adopted new rules regarding cybersecurity disclosure, including requirements for both material incident reporting on Item 1.05 of Form 8-K and periodic disclosure of material information regarding cybersecurity risk management, strategy and governance. (See this PubCo post.) Gerding’s new statement is designed to disabuse companies of the idea that the new rules preclude them from discussing information about a material cybersecurity incident with others, including their commercial counterparties, beyond the information included in the Form 8-K. Gerding assures us that “[t]hat is not the case.” But while the new rules may not prohibit disclosure, what about Reg FD?
Corp Fin adds one more new CDI on Form 8-Ks for material cybersecurity incidents
A few days ago, Corp Fin issued three new CDIs relating to delays in reporting material cybersecurity incidents on Form 8-K. Those CDIs, together with the Department of Justice Material Cybersecurity Incident Delay Determinations, addressed questions related to the Attorney General’s determination—or not—that disclosure of the incident on Form 8-K would pose a substantial risk to national security or public safety. (See this PubCo post.) Yesterday afternoon, Corp Fin added a new CDI on a closely related topic—the impact of a DOJ consultation on a determination, for reporting purposes, about the materiality of the incident itself. As Corp Fin Director Erik Gerding observed in a speech yesterday on cybersecurity disclosure, the CDI was intended to ensure that companies are not deterred from consulting with the DOJ or other national security agencies. The new CDI can be found under the caption Exchange Act Forms, in Section 104B, Item 1.05 Material Cybersecurity Incidents. A summary is below, but the CDI number is linked to the CDI on the SEC website, so you can easily read the version in full.
You must be logged in to post a comment.