Public Real Estate Company Gets SEC Ready


Download Case Study

The Situation - Working Through New Federal Cybersecurity Requirements for Public Companies


A Real Estate Services company sought assistance in getting prepared for Securities and Exchange Commission (SEC) requirements, especially with the recent disclosure ruling in effect for cybersecurity risk management, strategy and governance.


They particularly honed in on understanding their current processes and wanted to make sure they were optimal for disclosure, as well as efficient for operations by remedying the documentation gaps and establishing a coherent interpretation of the regulatory framework.


Ultimately, the company needed a partner that was experienced with SEC compliance readiness and held a wide expertise across cybersecurity domains ranging from risk management to incident management and even third-party risk management. The company found this in Optiv.

The Solution - Streamlining What Works and Developing What Does Not


In response to the multifaceted challenges, Optiv’s team of strategy consultants utilized our SEC Disclosure Readiness and Remediation services, as it addressed both immediate compliance concerns and long-term security program maturity enhancement.


We leveraged our SEC Cybersecurity Ruling Framework to efficiently deliver the new proposed requirements to the company. This framework not only simplified the compliance process, but also ensured that the organization's efforts were aligned with the latest regulatory standards. Optiv’s consultants identified areas within the organization's incident response process that required strengthening, which included measures to reduce incident disclosure time, ensuring swift and effective responses to potential cybersecurity breaches.


Beyond the original SEC requirements, we identified key risks that could impact the organization's cybersecurity posture. This expanded perspective allowed the company to proactively address potential vulnerabilities and emerging threats. Working closely with the company's internal team, we provided tailored remediation guidance; our templates and recommendations were adapted to the company's current state, easing the implementation of necessary changes.


In the end, we assisted the public real estate company in defining its reporting processes for the future state. This ensured that the company would not only meet compliance requirements but also continue to enhance its cybersecurity practices over time. This comprehensive approach resulted in a roadmap that guided the company's actions and outlined the steps needed to implement new capabilities. Our solution not only streamlined the company's compliance with SEC regulatory changes but also bolstered its cybersecurity posture and overall maturity.

Download a printable version of this case study


Industry Served: Real Estate Services

What Client Purchased

  • SEC Disclosure Readiness and Remediation


  • Reviewed the company’s current cyber risk management program, associated strategy and processes to manage material risks
  • Performed discovery workshops using Optiv’s SEC Cybersecurity Ruling Framework
  • Analyzed the gathered data to develop areas to be strengthened, enabling the organization to both meet the ruling standards and improve overall incident response processes
  • Developed a roadmap to prioritize client improvement projects with short and mid-term recommendations


  • Streamlined existing reporting and incident response processes to better enable the client to meet the new requirements utilizing what was already in place and adding net new areas to create better reporting efficiencies
  • Curated client accelerator templates, such as reporting guides and process diagrams, that the client may utilize to make incident reporting and general reporting processes more efficient to meet the 4-day disclosure window
  • Provided a readiness assessment, executive summary and roadmap to strengthen identified areas

How can we help you secure greatness?


Optiv can advise on, deploy and operate end-to-end cybersecurity programs aligned to your business goals. As the cyber advisory and solutions leader, we serve nearly 6,000 companies across every major industry. Our certified experts can help you gain the agility, security, scale and control you need to stay ahead of the competition.