With the U.S. Securities and Exchange Commission’s (SEC) recent adoption of rules mandating disclosure of significant cybersecurity incidents, corporate legal departments are navigating uncharted territories. These new rules have a dual-edged impact, raising cybersecurity vigilance on one hand, but potentially exposing firms to the risk of compromise on trade secrets on the other, according to legal experts Daniel Garrie, co-founder at Law & Forensics, and Bradford Newman, a partner at Baker McKenzie.
These high stakes necessitate companies to reevaluate their processes and communication strategies. Paramount among these concerns is the obligation to effectively balance SEC cybersecurity compliance with the protection of trade secrets. It is no longer just about building resilient defenses against cyber threats, but also assuring that the execution of the reporting obligations does not unintentionally violate the sacrosanct ground of trade secrets.
Expert opinion suggests that the directive towards transparency necessitated by the SEC rules, could inadvertently hand over critical information to threat actors. This emphasizes the security conundrum faced by companies. How can the safety of their systems, another valuable asset – their trade secrets – be simultaneously guaranteed, while effectively responding to emerging legal compliance requirements?
For the detailed insights and strategies proposed by Garrie and Newman to counter these challenges, the legal fraternity can refer to their comprehensive analysis here. Developed with the corporate realities in mind, their expert guidance is expected to serve as a vital roadmap for corporate legal departments dealing with the SEC’s new regulations.