Save time with unbiased, independent feedback on vendor solutions.
Watch weekly bite-sized webinars hosted by IANS Faculty.
The new SEC rules require publicly traded companies to enhance and standardize disclosures of cyber incidents. At a high level, the rules require public companies to report “material” cybersecurity incidents within four business
days after discovery, as well as file updates on previously disclosed incidents. Additionally, companies are required to disclose their risk management practices and the board’s role in cybersecurity oversight.
Find actionable guidance featured below - part of a more extensive collection of Infosec content available to our clients in the IANS Insights Portal.
2023 SEC Cyber Disclosure Rules Guidance
This two-part piece explains the new SEC rules, details actionable takeaways for even non-publicly traded organizations, and provides a requirements checklist focusing on incident disclosure to enable organizations to assess gaps that need to be addressed quickly.
Complete the form, and we’ll email you a copy of the 2023 SEC Cyber Disclosure Rules Guidance.
For CISOs, we recommend the following actions:
Gain further insight by accessing the following IANS Faculty blogs:
Learn More: New SEC Cyber Rules: What to Do Next
Learn More: Why CISOs Need D&O Liability Insurance Coverage Now
Learn More: CISO SEC Incident Risk: Best Practices Checklist
For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for making decisions and articulating risk. We provide experience-based security insights for chief information
security officers and their teams. The core of our value comes from the IANS Faculty, a network of seasoned practitioners. We support client decisions and executive communications with Ask-an-Expert inquiries, our peer community, deployment-focused
reports, tools and templates, and consulting.