New SEC Rule on Cybersecurity Risk Management & Incident Disclosure

Per the SEC, it takes companies on average

Compliance Challenge

Is your company publicly traded & regulated by the SEC? If yes, you have a new Compliance Challenge.

Disclose a material cybersecurity incident on Form 8-K within four business days.

Compliance deadline: December 18, 2023

Disclose on Form 10-K material information on cybersecurity risk management, strategy and governance, including processes for assessing, identifying, & managing material risks from cybersecurity threats & previous cybersecurity incidents, as well as board of directors oversight and management’s role in managing material cybersecurity risks.

Compliance deadline: Effective for fiscal year ending on or after December 15, 2023

For Foreign Companies, same requirements but on Form 6-K and Form 20-F, respectively.

For Smaller Reporting Companies (i.e. assets of $5 million or less), compliance deadline is June 15, 2024.

 


In order to attain compliance, you must not only have the necessary cybersecurity controls in place to prevent, detect, mitigate and remediate, but also the supporting disclosure controls in place.


You need to perform a compliance assessment and gap analysis, then take steps to attain timely compliance with the SEC’s Rule. Then maintain compliance.

The Key To Success - You must implement 25 controls

Key questions you need to have answers to:

What is a material cybersecurity incident?

When do non-material cybersecurity incidents become material?

What are ongoing disclosure requirements once an incident is reported?

What controls are necessary to ensure compliance?

What are risk management, strategy and governance requirements?

What is assessment, identification & management of material risks?

What are requirements for board oversight & management?

The Compliance Solution:

CyberCatch's SEC Compliance Manager Solution

SEC Compliance Manager SaaS Solution
AI-Enabled Cybersecurity Advisor
Detailed Compliance Tips
Compliance Assessment Engine with 25 Controls
Evidence Repository
Gap Analysis & Workflow Engine
Charts, Graphs
6X Faster Compliance

Key Benefits

Quick compliance assessment and gap analysis

Built-in AI-enabled Cybersecurity Advisor for guidance & tips

Detailed answers to not only compliance requirements, but also best practices

Attain compliance 6X faster and with precision

Maintain ongoing compliance efficiently and effectively

Save time & money

You should also perform a cybersecurity incident simulation led by a cybersecurity expert to test your SEC compliance readiness and capability and eliminate any gaps and blind spots. CyberCatch can also assist with this critical step.