June 24, 2024 at 02:08PM Several US companies filing Form 8-Ks with the SEC have referenced a cyber incident affecting CDK Global, a major software provider for car dealerships. The incident has disrupted business operations, leading affected companies to deploy mitigation strategies. CDK has faced two system shutdowns and is reportedly considering a ransom payment … Read more
May 22, 2024 at 12:40PM The SEC has clarified guidelines for public companies regarding ransomware and cybersecurity incident disclosures. Public firms must report “material” cyber intrusions under Form 8-K, Item 1.05. For immaterial incidents or those lacking a materiality determination, use Form 8-K, Item 8.01. SEC aims to help investors distinguish between the two for … Read more
May 6, 2024 at 05:10PM AXA XL introduces a new cyber insurance endorsement tailored for public companies to address costs associated with meeting updated SEC reporting compliance obligations after a cyber incident. The endorsement covers expenses for investigating breaches, legal fees, and filing Form 8-K within four days of determining a material cyber breach. This … Read more
November 14, 2023 at 11:18AM The Securities and Exchange Commission (SEC) has implemented a new rule requiring companies to file a Form 8-K within four business days of determining that a cybersecurity incident is material. This rule also mandates annual disclosure of material cybersecurity incidents and information on cybersecurity risk management, strategy, and governance. Jill … Read more
November 7, 2023 at 01:52AM The Securities and Exchange Commission (SEC) has implemented a new rule requiring companies to disclose cybersecurity incidents and provide annual information on their cybersecurity risk management, strategy, and governance. The rule mandates the filing of Form 8-K within four business days of determining an incident as material, with enforcement starting … Read more