The IT Law Wiki
The IT Law Wiki

Citation[]

Securities and Exchange Commission, Division of Corporation Finance, CF Disclosure Guidance: Topic No. 2-Cybersecurity (Oct. 13, 2011) (full-text).

Overview[]

This guidance provides the Division of Corporation Finance's views regarding disclosure obligations relating to cybersecurity risks and cyber incidents of publicly traded companies. Federal securities law requires that publicly traded companies report "material" risk — something that was not clearly defined or followed for cybersecurity risks before this document was released.