A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
SEC Cybersecurity Disclosure Readiness and Remediation Let Optiv experts help you prepare for cybersecurity incident disclosure and proactive risk management. Download Service Brief Overview Requirements Services Resources Contact Us SEC Approves New Cybersecurity Disclosure Ruleset On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved a cybersecurity disclosure ruleset. To improve transparency for shareholders, the SEC requires publicly traded companies to comply with new rules focused on cybersecurity risk management, strategy, governance and incident disclosure. Business leaders need to strategize on how to determine incident materiality and prepare for fiscal year reporting. Optiv provides actionable solutions to address the immediate disclosure requirements while strengthening cybersecurity posture. Jump to Readiness and Remediation Services SEC Requirements for Cybersecurity Disclosure The SEC cybersecurity disclosure ruleset mandates that publicly traded companies must disclose accurate and timely information regarding cybersecurity risks and incidents that could have a material impact on investors. This includes disclosing risks related to data theft, system failures, network outages. Following the implementation of the SEC cybersecurity final rule in December 2023, the following SEC cybersecurity reporting requirements and forms: Disclosures addressing risk management, strategy and governance: Form S-K Item 106 Foreign Private Issuers (FPI): Form 20-F In the case of an incident: Form 8-K Item 1.05 Foreign Private Issuers (FPI) Form 6-5 Optiv subject-matter experts have broken down the requirements that all organizations should focus on to ensure SEC compliance. Review the highlights to see if your business is prepared. Risk Management and Strategy Processes for identifying and managing all material cybersecurity risks, including risks associated with third-party service vendors Understanding of the third-party stakeholders engaged with your processes, including consultants and auditors Incident Discovery and Disclosure Efficient, repeatable processes for determining incident materiality Transparent best practices for publicly disclosing incidents and communicating necessary information to shareholders Governance Board oversight that includes the identification of committee and sub-committee responsibilities Clear demonstration of management’s role in managing material risks and implementing cybersecurity policies, procedures and strategies Internal processes for monitoring and reporting risks to the board Key SEC workstreams to assess and mature. Image SEC Cybersecurity Disclosure Services Optiv’s SEC Disclosure Readiness services are designed for the rapid identification of ruleset compliance gaps and the prioritization of actionable steps to remain compliant for subsequent years. We leverage our leading cybersecurity expertise and adaptable program methodology to proactively partner with you to address key disclosure focal points, including cybersecurity risk management, strategy, governance, incident disclosure and reporting, metrics and cyber education. Depending on your business needs and security program maturity, Optiv SEC-focused readiness, remediation and related service offerings will help you prepare and remain compliant with our SEC cybersecurity guidance. Learn more about these services below. Readiness Readiness and Remediation Related Services 5-week engagement that includes: Observations and recommended actions against the SEC cyber disclosure ruleset Expert guided stakeholder interviews, documentation reviews and strategy analysis Actionable initiatives and roadmap aligned to the SEC ruleset and business objectives Best for: Organizations looking for expertise in understanding their ability to meet the disclosure ruleset requirements Businesses with the in-house resources to adjust processes/procedures appropriately if gaps are found 7-week engagement that includes: Everything included in the “Readiness” offering PLUS Optiv expert assistance to close initial prioritized gaps required for compliance Best for: Organizations seeking greater expertise in their ability to meet the disclosure rule requirements Businesses seeking assistance in rapidly resolving high-priority cybersecurity program, process and capability gaps that would hinder efforts to disclose effectively and efficiently The following services are key to strengthening your security posture. These services include maturing your cybersecurity risk management, strategy, governance and incident disclosure processes and programs. Image Cyber Risk Program and Metrics Risk Program Development; Risk Automation; Process Improvement and Rationalization; Risk Metrics Development (KRI/KPI); Risk and Compliance Monitoring; Regulatory Risk Assessments; Executive Board Advisory Image Incident Discovery and Management Data Governance & Inventory; Data Discovery and Crown Jewels Analysis; ADR/MDR; Incident Response Retainer; Incident Response Services; Tabletop Exercises Image Third-Party Risk Management TPRM Program Development / Advisory; TPRMaaS; Risk Automation Image Board Oversight and Governance Board Advisory; Tabletop Exercises; Risk Metrics Development (KRI/KPI); Disclosure Validation Image Communications and SEC Reporting Executive Board Advisory; Risk Advisory (Materiality Inputs); Tabletop Exercises; Communications Development Optiv provides clients with customizable services for organizations of all sizes. Here is what makes us unique: Solely focused on cybersecurity, Optiv is uniquely qualified to assist across the spectrum of remediation needs as a single partner for cyber services and technologies Distinctive offerings designed for a range of businesses, including those looking for a gap analysis or a more in-depth engagement to prepare for efficient cybersecurity disclosure Short and effective engagements with minimal impact to business operations and key stakeholder schedules Previous Next Protect Your Brand Leverage our cybersecurity SEC response team with industry-leading experts who can speak to your board, C-suite and audit, risk and cyber committees Transparently communicate what “materiality” means for your organization Align on cybersecurity governance, policies and procedures that will pass the SEC review Implement an incident management plan to improve your cyber readiness and overall cybersecurity posture Previous Next In 5-7 weeks, we will help you prepare for SEC compliance with the following exercises and deliverables: Actionable roadmap, timeline and initiatives Dedicated SME assistance with prioritized remediation activities, including specialized SMEs from across Optiv domains such as Identity, Data, Threat and more Specialized guidance for determining materiality in the case of an incident Previous Next Get Up to Speed Image Ensure Compliance: SEC Cybersecurity Disclosure Ruleset Optiv's SVP, Associate General Council, Jacquelyn Wayne, shares her tips on how your organization can ensure compliance with the SEC cybersecurity disclosure ruleset. Watch Now Image Public Real Estate Company Gets SEC Ready Optiv helped a public real estate company achieve SEC compliance readiness and created a thorough security program enhancement roadmap. Download Image Time Is of the Essence With SEC’s Approved Cybersecurity Disclosure Rules Read an Optiv legal expert’s insights on the SEC disclosure ruleset. Read Blog Image Are You SEC Ready? What You Need to Know about Cyber Disclosure Rules Watch Optiv leaders explain the significance of determining materiality, board impacts and third-party cyber risks. Watch Now Image SEC Disclosure Readiness Guide Determine your organization's SEC readiness with Optiv's guide that leverages industry-recognized frameworks to assess company maturity. Download Image Optiv's SEC Cyber Disclosure Rule Placemat The new SEC Cybersecurity Disclosure Rules summarized. Optiv experts have created a placemat outlining the key information to be prepared. Download Be Prepared With Optiv’s guidance, gain the reassurance that your organization can confidently demonstrate a rapid, repeatable incident response and disclosure process to the SEC and your investors. Plus, enhance your cybersecurity posture, reporting, metrics and educational efforts so that you can develop proactive, sustainable response and remediation plans.