Just a few days ago, a state-linked hacking group claimed responsibility for a disruptive cyberattack on a Fortune 500 medical technology company with no ransom demand and no negotiation, calling it retaliation for a U.S. military strike. The risk of this type of politically-motivated cyberattack may increase given the increasingly volatile geopolitical environment. To combat this, the President recently signed an executive order targeting cybercrime carried out by transnational criminal organizations, aimed at improving federal coordination in combatting cybercrime. Now is an important time for boards and management teams to focus on crisis and risk management, including durable operational resilience planning. This alert provides perspectives about current best practices on incident preparedness in the face of such threats, explains how this preparedness can be supplemented by an operational resilience framework, discusses the practical implications of the executive order, and lays out a governance hygiene checklist to guide your next cybersecurity oversight discussion.
Continue Reading Cybersecurity in the Age of Cyber Warfare: Governance Reminders for Public Company BoardsJ.T. Ho
Contact:Read more about J.T. Ho
Reframing Board Diversity Disclosure in 2026 Proxy Statements
By Helena K. Grannis, J.T. Ho, Lillian Tsu & Shuangjun Wang on
Board diversity disclosure is undergoing a meaningful recalibration. After years of increasing pressure by shareholders and other stakeholders to increase the number of women and underrepresented minorities on boards and provide robust disclosure of board demographic information, the framework is now shifting. Following the U.S. Court of Appeals Fifth Circuit’s December 2024 decision to strike down the rule requiring Nasdaq-listed companies to include board diversity disclosure in their proxy statements, the Trump Administration’s targeting of DEI programs, and the related pullback from the major proxy advisory firms and institutional investors in their stewardship principles and voting guidelines, companies are now re-assessing how they define and describe the diversity of directors serving on their boards in their proxy statements. While companies continue to emphasize that their boards include directors with diverse skills, backgrounds, experiences and viewpoints, proxy statement disclosure increasingly frames diversity in broader terms instead of focusing primarily on protected classes.
Continue Reading Reframing Board Diversity Disclosure in 2026 Proxy StatementsSEC Announces Changes to Rule 14a-8 No-Action Letter Process
The SEC’s Division of Corporation Finance just announced that it will largely step back from the shareholder proposal no-action letter process for the current proxy season (October 1, 2025 – September 30, 2026). The Division cited three reasons: resource constraints following the recent government shutdown, a high volume of registration statements competing for staff attention, and the extensive existing body of guidance already available to companies and proponents. The announcement aligns with the deregulatory approach we flagged in September when discussing potential reforms to the shareholder proposal process under the current SEC.
Continue Reading SEC Announces Changes to Rule 14a-8 No-Action Letter ProcessApplying A Retail Voting Program in Practice
By J.T. Ho, Helena K. Grannis & Kyle Pinder on
This article was authored by J.T. Ho and Helena K. Grannis from Cleary Gottlieb & Kyle Pinder from Morris, Nichols, Arsht & Tunnell LLP.
On September 15, 2025, the Office of Mergers and Acquisitions of the SEC’s Division of Corporation Finance permitted a novel approach to increase retail shareholder voting when it granted a no action letter request from Exxon Mobil Corporation.
Continue Reading Applying A Retail Voting Program in Practice