On April 21, 2022, the Fourth Court affirmed the dismissal by the district court that found that the complaint failed to adequately allege a false or misleading statement or omission, loss causation or scienter. Although Marriott could have provided additional information to investors regarding its cybersecurity risks following a merger with Starwood, the federal securities laws did not require it to do so, and Securities and Exchange Commission (SEC) guidance advises companies against detailed disclosures that could compromise their cybersecurity efforts. The decision has significant implications for companies considering how to describe their cybersecurity programs in public disclosures.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.