A CISO's Guide to the SEC’s Cybersecurity Regulation

A CISO's Guide to the SEC’s Cybersecurity Regulation

On July 26, 2023, 5,996 public companies in the US got a new headache. CEOs, CFOs, CISOs, CIOs, and the senior leadership teams at US public companies must now make room for the SEC’s final rule S7-09-22, Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. This guide explains how you can:

  1. Determine materiality
  2. Address 4-day disclosure rule
  3. Report incidents on 8K
  4. Prepare the new 10K
  5. Communicate risk to CFOs/CEOs