SEC’s proposal: legal compliance obligations
1. This is a link to SEC’s proposal https://www.sec.gov/news/press-release/2022-39
2. Here are some commentaries:
a) https://www.lexology.com/library/detail.aspx?g=0109ba7b-5bd5-4cd1-b4ad-58f35cbff668
b) https://www.natlawreview.com/article/sec-proposes-enhanced-cybersecurity-disclosure
c) https://www.sullcrom.com/files/upload/sc-publication-sec-proposes-new-cybersecurity-disclosure-rules-for-public-companies.pdf
d) https://www.wilmerhale.com/en/insights/blogs/focus-on-audit-committees-accounting-and-the-law/20220310-sec-proposes-new-public-company-cybersecurity-disclosure-rules
3. Can you prepare two slides setting out:
a. The fundamental objective of the data project and why from a legal and compliance perspective it is necessary – referring to the key driver being the SEC’s new requirements
b. The priorities of the project
i. Data retention
ii. Cyber incident response
iii. Data breach reporting or any other priority you think we should mention at this point instead of data breach reporting – perhaps we should limit it to 3.