On February 21, 2018, the U.S. Securities and Exchange Commission (“SEC”) issued updated guidance to assist public companies with disclosure obligations under the federal securities laws relating to cybersecurity risks and incidents (“Guidance”). In addition to expanding upon the SEC’s prior guidance on cybersecurity, which focused on the disclosure of cybersecurity risks and incidents, the Guidance addresses two new issues – the implementation of cybersecurity policies and procedures and the examination of insider trading prohibitions in the wake of cybersecurity incidents. For additional information regarding the SEC’s new Guidance, please refer to the full Data Security & Privacy Client Alert. For a chronology summary of upcoming key dates and corresponding obligations under the Regulation, please see our most recent Data Security & Privacy Client Alert.