The Securities and Exchange Commission has updated its regulations requiring public companies to file cybersecurity disclosures, beginning in December 2023. Cyber-incident reporting within four business days of a material incident and Cybersecurity process disclosures indicating Officer and Director ownership over these cybersecurity processes will be required.
This PowerSession describes the two major disclosure area requirements, cyber-incidents (Form 8-K) and cybersecurity processes (Form 10-K) and technical guidance on how to comply with the regulations.
- Understand the two major disclosure requirements of the SEC Cybersecurity Regulations;
- Understand the nuances of what is changing from previous SEC cybersecurity reporting requirements
- Learn what information to report on a Form 8-K when a cyber-incident is determined to be material
- Understand what a “good faith” cybersecurity process entails for cybersecurity disclosure reporting in a Form 10-K
Who should view:
- Officers and Directors of Public Companies and Foreign Entities subject to SEC regulations
- Legal and Compliance personnel
- IT Security personnel responsible for implementing technical solutions
- Staff and consultants encouraging or accommodating legislative policy and regulatory organizations
Jim Hempstead manages the Global Project & Infrastructure Finance Group which includes almost 100 analysts covering approximately 1,800 individual issuers with over $3.5 trillion in debt. Jim acts as a rating chair across all segments of the portfolio; helps guide the team’s research objectives and is a regular participant in the team’s outreach activities. Jim helped develop the rating agency’s cyber risk strategy from 2019 to 2023 and managed the rating agency’s Environmental, Social and Governance effort between 2017 – 2020.
President and Consultant with over 20 years of experience in cybersecurity, emerging technologies, marketing, business development, and government relations. I help Fortune 1000 clients, organizations, small businesses, and start-ups achieve their strategic goals and grow their market share. Serves as an Adjunct Professor at Georgetown University, where I teach graduate courses on risk management, homeland security, and cybersecurity, and design a certificate course on Blockchain technologies. Named “Top Tech Person To Follow” by LinkedIn, Voted “Cybersecurity Person of the Year.”
Danielle Jablanski is an OT cybersecurity strategist at Nozomi Networks, responsible for researching global cybersecurity topics and promoting operational technology (OT) and industrial control systems (ICS) cybersecurity awareness throughout the industry. She is also a nonresident fellow at the Cyber Statecraft Initiative of the Atlantic Council’s Scowcroft Center for Strategy and Security.
Bob is the Founder and CEO of Digital Directors Network, the leader in digital and cybersecurity governance. He is also an adjunct professor at the USC Marshall School of Business where he has taught strategic management, structured problem solving, global business issues and corporate governance. He is a retired PwC advisory senior partner where he lived and worked on 4 continents across 20 countries and built high performing teams, launched and led multiple businesses and helped the global F1000 on a range of strategic, operational and technology issues. He held senior leadership roles on PwC’s Global and Asia Pacific leadership teams and led their US IT strategy and operations practice and data management business units.