Morrison Foerster is an international law firm with lawyers practicing throughout the United States, Asia, and Europe. Click to discover more.

mofo_share_image.jpg

Morrison Foerster

common-default.jpeg

Terms / Notices

Cookies

Privacy Policy

Reporting Hotline

Attorney Advertising

Alumni

  Linkedin

MoFo LinkedIN

  Facebook

MoFo Facebook

YouTube

MoFo Youtube

Morrison Foerster - Footer

New SEC Rule Sets 4-Day Clock on Cyber Disclosures

You have not solved the recaptcha challenge yet or session expired, try again.

Email Disclaimer

Disclaimer

Unsolicited e-mails and information sent to Morrison Foerster will not be considered confidential, may be disclosed to others pursuant to our <a href="https://www.mofo.com/about/privacy-policy.html">Privacy Policy</a>, may not receive a response, and do not create an attorney-client relationship with Morrison Foerster. If you are not already a client of Morrison Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

Feedback

mofo-logo-2022.svg

People

Capabilities

Resources

About

Culture

Offices

Careers

Stay Connected

Miriam Wugmeister and Dave Lynn spoke to Agenda about the Securities and Exchange Commission’s (SEC) new cybersecurity rule, which puts a hard timeline on when companies must publicly disclose material cybersecurity incidents, one of the more complex aspects of the final rule that companies had been eyeing.

About Morrison Foerster

people-default-header-desktop.jpg

people-default-header-mobile.jpg

Default Meta Data

Miriam Wugmeister and Dave Lynn spoke to Agenda about the Securities and Exchange Commission’s (SEC) new cybersecurity rule, which puts a hard timeline on when companies must publicly disclose material cybersecurity incidents, one of the more complex aspects of the final rule that companies had been eyeing.According to Dave, companies are being attacked by cyber criminals “all the time.”“It takes a while, once you even identify the breach, to figure out what’s happening,” Dave said. “It could take days, it could take weeks, it could take months. …And then once you at least have some knowledge about the incident, you can apply the materiality thresholds and tests to try to decide if it’s material.”Miriam added that the four-day window to disclose a cybersecurity event once it is deemed material is daunting because, when a company is in crisis, “the facts are literally changing every couple hours.”“So you’re trying to make a materiality determination while the facts are changing,” she said. “And it’s always hard to make decisions when the facts are changing or when they’re uncertain.”Read the <a href="https://www.agendaweek.com/c/4172654/539174" target="_blank">full article</a> (subscription required).

Sign Up

Few lawyers in the world have Miriam Wugmeister’s breadth and understanding of privacy and data security laws, obligations, and practices. As co-chair of Morrison Foerster’s preeminent global Privacy + Data Security Group, Miriam is regularly called upon by some of the world’s largest and most complex multinational organizations to confront their most difficult U.S. and international privacy and cybersecurity challenges. Ranked among the top in the profession by all major directories, her clients say: “Miriam is the best privacy counsel in the country that I have ever worked with. Her advice is always spot-on, practical, and helpful, and her judgment is impeccable.” “Miriam is a true leader in her field. I appreciate her brilliance and expertise.” “She keeps up with a rapidly evolving area and is quick to answer the most challenging questions with practical guidance a business can use.” (Chambers USA).Miriam’s counsel is particularly prized for complex global privacy and data security incidents. She has navigated some of the largest and most consequential incidents in history, including assisting Mandiant when it discovered and warned the world about the SolarWinds compromise. Having helped hundreds of clients respond to cybersecurity incidents, Miriam is called upon to advise and educate boards of directors regarding cybersecurity and the key role that boards play in understanding and overseeing the potential risks. Miriam works with companies to develop comprehensive customized incident response plans, train staff, conduct extensive tabletop exercises, and address key issues with executive management. While she regularly advises clients on responses to ransomware attacks and other cyber extortion incidents, she works on all other aspects that arise in the context of large security incidents including communication strategies, notifications to customers, consumers, and regulators; public disclosures; interactions with law enforcement globally; litigation; and investigations by regulators around the world. Miriam advises organizations on the planning and execution of complex global compliance efforts and defends regulatory matters relating to privacy and cybersecurity in the United States and internationally.Miriam serves as a board member of the <a href="https://sustainability.adp.com/adp-innovation-strategy.html#:~:text=In%20harnessing%20the%20power%20of%20big%20data%20through,that%20involve%20artificial%20intelligence%2C%20ML%20and%20big%20data." target="_blank">ADP AI & Data Ethics Committee</a> and is a leader in <a href="/capabilities/artificial-intelligence" target="_self">MoFo’s AI Group</a>, a cross-practice team that provides sophisticated, full-service representation to a wide range of clients with companies that both develop and use cutting-edge, rapidly changing technology in the AI space. Miriam uses her extensive industry experience and collaborative global approach to provide her clients with fast access to the newest trends and developments in AI.As founder and leader of the Global Privacy Alliance (GPA), Miriam encourages the development of rational privacy laws around the world and monitors privacy practices, laws, and regulations globally. On behalf of the GPA’s members, she takes an active role in anticipating upcoming privacy legislation and educating regulators on the commercial implications of proposed regulations.Chambers USA and Chambers Global recommend Miriam in the top tier of privacy and data security lawyers worldwide, with clients commenting to Chambers USA that she is “extremely practical and phenomenally smart. Just about one of the best privacy advisers there is,” and The Legal 500 US recognizing her as a leading lawyer for her “professionalism and strong international presence.” For her work in data protection and privacy, Miriam was an inaugural inductee into The Legal 500 Hall of Fame, which is comprised of outstanding U.S. lawyers who have been recommended as The Legal 500’s Leading Lawyers for the last six consecutive years. The Cybersecurity Docket has recognized Miriam as one of its Incident Response 50, a list of the top data breach response lawyers globally. She has been named one of Financial Times’ Top 10 Innovative Lawyers in North America and a National Law Journal Cybersecurity and Data Privacy Trailblazer for her breakthrough work in this space. Miriam was also previously designated as an Ethisphere Attorney Who Matters and a BTI Client Service All-Star.

Miriam Wugmeister

Partner

Privacy + Data Security

Public Company Advisory & Governance