On July 26, 2023, 5,996 public companies in the US got a new headache. CEOs, CFOs, CISOs, CIOs, and the senior leadership teams at US public companies must now make room for the SEC’s final rule S7-09-22, Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. This guide explains how you can:
- Determine materiality
- Address 4-day disclosure rule
- Report incidents on 8K
- Prepare the new 10K
- Communicate risk to CFOs/CEOs
