Joseph D. Masterson quoted in article "Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part One of Two)"

Media Mention
The Cybersecurity Law Report

Below is an excerpt:

In the wake of a material incident, companies should issue a supplemental disclosure right away, Joseph Masterson, a partner at Quarles & Brady, said. “The minimum responsibility is the annual obligation to disclose in the 10-K material information about special risks and then to update that information quarterly if it’s changed,” Masterson said. “If there is a major breach, they file an 8-K special report and not wait for the next cycle the way they would normally do it with an SEC filing.”

In other circumstances, the nature of the incident may not require an immediate supplemental disclosure, and the company may decide to instead include updated language in the next scheduled disclosure.

In addition, notes to the financial statements should include a management discussion and analysis of the cyber program, Masterson said.

Originally published in The Cybersecurity Law Report, August 12, 2015

News

Related Capabilities

Follow Quarles

Subscribe Media Contact
Back to Main Content

We use cookies to provide you with the best user experience on our website and to analyze statistics related to our website. To understand more about how we use cookies, or for instructions to change your preference and browser settings, please see our Privacy Notice. Please note that if you choose to reject cookies, doing so may impair some of our website's functionality.