When is a Cybersecurity Incident Material?

Recently we discussed the principle of materiality in the context of Valeant Pharmaceuticals and its Variable Interest Entity (VIE), Philidor. In that post we examined two key concepts in assessing materiality, namely quantitative and qualitative. It is possible for something to be quantitatively immaterial, … Continue reading

Exploring the Disclosure of Cybersecurity

The SEC has been concerned with cybersecurity disclosures for many years. In 2011, guidance was issued to clarify public companies’ responsibility to disclose cybersecurity issues. The guidance requires public companies to disclose cybersecurity as a Risk Factor for companies that … Continue reading