SEC Cybersecurity Disclosure Readiness and Remediation

 

Let Optiv experts help you prepare for cybersecurity incident disclosure and proactive risk management.

 

SEC Approves New Cybersecurity Disclosure Ruleset

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved a cybersecurity disclosure ruleset. To improve transparency for shareholders, the SEC requires publicly traded companies to comply with new rules focused on cybersecurity risk management, strategy, governance and incident disclosure.

 

Business leaders need to strategize on how to determine incident materiality and prepare for fiscal year reporting. Optiv provides actionable solutions to address the immediate disclosure requirements while strengthening cybersecurity posture.

 

Jump to Readiness and Remediation Services

SEC Requirements for Cybersecurity Disclosure

 

The SEC cybersecurity disclosure ruleset mandates that publicly traded companies must disclose accurate and timely information regarding cybersecurity risks and incidents that could have a material impact on investors. This includes disclosing risks related to data theft, system failures, network outages.
 
Following the implementation of the SEC cybersecurity final rule in December 2023, the following SEC cybersecurity reporting requirements and forms:
 
Disclosures addressing risk management, strategy and governance:


 

  • Form S-K Item 106
  • Foreign Private Issuers (FPI): Form 20-F


 

In the case of an incident:


 

  • Form 8-K Item 1.05
  • Foreign Private Issuers (FPI) Form 6-5

 

Optiv subject-matter experts have broken down the requirements that all organizations should focus on to ensure SEC compliance. Review the highlights to see if your business is prepared.

Risk Management and Strategy
  • Processes for identifying and managing all material cybersecurity risks, including risks associated with third-party service vendors
  • Understanding of the third-party stakeholders engaged with your processes, including consultants and auditors

Key SEC workstreams to assess and mature.

Image
SEC-webpage-diagram.png

SEC Cybersecurity Disclosure Services

 

Optiv’s SEC Disclosure Readiness services are designed for the rapid identification of ruleset compliance gaps and the prioritization of actionable steps to remain compliant for subsequent years. We leverage our leading cybersecurity expertise and adaptable program methodology to proactively partner with you to address key disclosure focal points, including cybersecurity risk management, strategy, governance, incident disclosure and reporting, metrics and cyber education.
 
Depending on your business needs and security program maturity, Optiv SEC-focused readiness, remediation and related service offerings will help you prepare and remain compliant with our SEC cybersecurity guidance. Learn more about these services below.

Get Up to Speed

Image
ensure-compliance-image-setList_Image_476x210.jpg

 

Ensure Compliance: SEC Cybersecurity Disclosure Ruleset
 
Optiv's SVP, Associate General Council, Jacquelyn Wayne, shares her tips on how your organization can ensure compliance with the SEC cybersecurity disclosure ruleset.
 

Watch Now

Image
Ensure-Compliance-Public-Real-Estate-SEC-Ready-Webpage-list-image.jpg

 

Public Real Estate Company Gets SEC Ready
 
Optiv helped a public real estate company achieve SEC compliance readiness and created a thorough security program enhancement roadmap.
 

Download

Image
NACD_company-insights-SEC_list-image-476x210.jpg

 

Time Is of the Essence With SEC’s Approved Cybersecurity Disclosure Rules

 

Read an Optiv legal expert’s insights on the SEC disclosure ruleset.

 

Read Blog

Image
July_SEC-rules-linkedin-live_list-image.jpg

 

Are You SEC Ready? What You Need to Know about Cyber Disclosure Rules

 

Watch Optiv leaders explain the significance of determining materiality, board impacts and third-party cyber risks.

 

Watch Now

Image
sec-readiness-guide-website-list-image.jpg

 

SEC Disclosure Readiness Guide
 
Determine your organization's SEC readiness with Optiv's guide that leverages industry-recognized frameworks to assess company maturity.
 

Download

Image
sec-cyber-disclosure-rule-placemat-website-list-image.jpg

 

Optiv's SEC Cyber Disclosure Rule Placemat

 

The new SEC Cybersecurity Disclosure Rules summarized. Optiv experts have created a placemat outlining the key information to be prepared.

 

Download

Be Prepared

 

With Optiv’s guidance, gain the reassurance that your organization can confidently demonstrate a rapid, repeatable incident response and disclosure process to the SEC and your investors. Plus, enhance your cybersecurity posture, reporting, metrics and educational efforts so that you can develop proactive, sustainable response and remediation plans.