AUTHOR ARCHIVES: Cara Peterman

Cara Peterman

Cara Peterman is a partner with the firm’s Securities Litigation Group. Her practice focuses on fiduciary duty and shareholder derivative suits, securities fraud, and other complex commercial litigation. Read more→

SEC Adopts Statement and Interpretive Guidance on Public Company Cybersecurity Disclosures

Posted on: 23 Feb 2018

The Securities and Exchange Commission (SEC) issued a press release announcing its unanimous approval of a statement by SEC Chairman Jay Clayton and interpretive guidance (the “2018 Guidance”) to assist public companies in preparing disclosures about cybersecurity risks and incidents. This is the first interpretive guidance published by the full Commission on the topic of cybersecurity for public companies, and it may foreshadow increased SEC action to protect investors from the potential negative effects of increasingly common large-scale data breaches. The 2018 Guidance formalizes and expands […] Read more

SEC Chairman Jay Clayton Announces Data Breach of SEC Systems Which May Have Led to Insider Trading

Posted on: 25 Sep 2017

SEC Chairman Jay Clayton issued a public statement on Cybersecurity (the “Clayton Statement”) last week, disclosing a 2016 attack on the SEC’s database of corporate filings. The intrusion exploited a vulnerability in the test filing component of the EDGAR system, a document repository for disclosures from public companies and issuers, through which the intruder was able to gain access to nonpublic (and potentially sensitive) corporate information.  Though the intrusion was detected in 2016, Clayton stated that the agency learned only in August 2017 that the incident, “may have provided […] Read more

SEC Continues to Focus on Cyber-related Disclosures

Posted on: 23 Feb 2016

Participating in a panel at the “SEC Speaks” event on February 19, Deputy Director of the SEC’s Enforcement Division Stephanie Avakian expressed that the Commission continues to focus on cybersecurity as a top priority in 2016. Avakian discussed the Commission’s cybersecurity concerns in three contexts: (1) failure of registered entities to follow Rule 30(a) of Regulation S-P (the “Safeguards Rule”) in protecting customers’ records and information; (2) illicit securities trading following theft of material non-public information; and (3) cyber-related disclosures by public companies, […] Read more