SEC Cybersecurity Disclosure Readiness and Remediation

 

Let Optiv experts help you prepare for cybersecurity incident disclosure and proactive risk management.

 

Overview

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved a cybersecurity disclosure ruleset. To improve transparency for shareholders, the SEC requires publicly traded companies to comply with new rules focused on cybersecurity risk management, strategy, governance and incident disclosure.

 

Business leaders need to strategize on how to determine incident materiality and prepare for fiscal year reporting on or after mid-December 2023. Optiv provides actionable solutions to address the immediate disclosure requirements while strengthening cybersecurity posture.

 

Jump to Readiness and Remediation Services

Requirements

 

With the SEC’s adoption of the new ruleset, publicly traded companies of all sizes are now in a race to comply ahead of the looming deadlines. Form 10-K disclosures will be due beginning with annual reports for fiscal years ending on or after December 15, 2023. In the case of incident disclosure, or Form 8-K, the rules will become effective on December 18, 2023. Smaller reporting companies will have up to an additional 180 days to comply with the material incident disclosure requirements.

 

Optiv subject-matter experts have broken down the requirements that all organizations should focus on to ensure SEC compliance. Review the highlights to see if your business is prepared.

Risk Management and Strategy
  • Processes for identifying and managing all material cybersecurity risks, including risks associated with third-party service vendors
  • Understanding of the third-party stakeholders engaged with your processes, including consultants and auditors

To help break down the SEC requirements and the cybersecurity programs that they impact, Optiv experts have determined the following key workstreams to assess and mature.

Image
SEC-webpage-diagram.png

Services

 

Optiv’s SEC Disclosure Readiness services are designed for the rapid identification of ruleset compliance gaps and the prioritization of actionable steps to remain compliant for subsequent years. We leverage our leading cybersecurity expertise and adaptable program methodology to proactively partner with you to address key disclosure focal points, including cybersecurity governance, risk management, incident reporting, metrics and cyber education. 

 

Depending on your business needs and security program maturity, Optiv SEC-focused readiness, remediation and related services offerings will help you prepare and remain compliant. Learn more about these services below.

Get Up to Speed

Image
ensure-compliance-image-setList_Image_476x210.jpg

 

Ensure Compliance: SEC Cybersecurity Disclosure Ruleset
 
Optiv's SVP, Associate General Council, Jacquelyn Wayne, shares her tips on how your organization can ensure compliance with the SEC cybersecurity disclosure ruleset.
 

Watch Now

Image
Ensure-Compliance-Public-Real-Estate-SEC-Ready-Webpage-list-image.jpg

 

Public Real Estate Company Gets SEC Ready
 
Optiv helped a public real estate company achieve SEC compliance readiness and created a thorough security program enhancement roadmap.
 

Download

Image
NACD_company-insights-SEC_list-image-476x210.jpg

 

Time Is of the Essence With SEC’s Approved Cybersecurity Disclosure Rules

 

Read an Optiv legal expert’s insights on the SEC disclosure ruleset.

 

Read Blog

Image
July_SEC-rules-linkedin-live_list-image.jpg

 

Are You SEC Ready? What You Need to Know about Cyber Disclosure Rules

 

Watch Optiv leaders explain the significance of determining materiality, board impacts and third-party cyber risks.

 

Watch Now

Image
sec-readiness-guide-website-list-image.jpg

 

SEC Disclosure Readiness Guide
 
Determine your organization's SEC readiness with Optiv's guide that leverages industry-recognized frameworks to assess company maturity.
 

Download

Image
sec-cyber-disclosure-rule-placemat-website-list-image.jpg

 

Optiv's SEC Cyber Disclosure Rule Placemat

 

The new SEC Cybersecurity Disclosure Rules summarized. Optiv experts have created a placemat outlining the key information to be prepared.

 

Download

Be Prepared

 

With Optiv’s guidance, gain the reassurance that your organization can confidently demonstrate a rapid, repeatable incident response and disclosure process to the SEC and your investors. Plus, enhance your cybersecurity posture, reporting, metrics and educational efforts so that you can develop proactive, sustainable response and remediation plans.