On February 21, 2018, the SEC issued new guidance on whether public companies need to provide public disclosure of a “material” cybersecurity risk or event.  Although the guidance is nonbinding, it is instructive in understanding how the Commission may interpret alleged cybersecurity lapses, particularly with regard to enforcement actions in exercising its civil jurisdiction over public … Continue Reading