Skip to main content

Report

Navigating the SEC’s cybersecurity disclosure rules

Learn about new SEC requirements for cyber reporting — and how to comply.

With the US Securities and Exchange Commission’s final rules in effect as of Dec. 18, 2023, organisations are required to disclose material cyber incidents in a timely manner.

All publicly traded companies are required to provide information on material cybersecurity incidents, as well as share certain details of their enterprise cyber risk management programs. While the rules only apply to public companies, they also serve as a reminder for private companies to embrace best practices, including determining incident impact and establishing a cybersecurity governance program.

Interested in defining how these rules apply to your organisation? Contact us
Use this report to:
  • Take a deeper dive into the SEC disclosure rules and reporting requirements.
  • Gain a better understanding of key terms.
  • Learn how to determine materiality.