The SEC's new cybersecurity regulations went into effect last week. Most companies are "largely ready" to comply, Matt Gorham, senior managing director and leader of PwC's Cyber & Privacy Innovation Institute, told CFO Brew, "but that doesn't mean there isn't work to do."
As their companies' finance leaders, CFOs are instrumental in determining whether a cybersecurity incident is material, but they have other roles to play as well. Gorham shared his advice for how CFOs can help their organizations comply with the new regs.
As a reminder, the regulations consist of what Gorham refers to as three "buckets." Companies that file with the SEC are required to:
Declare any material cybersecurity incidents to the SEC on Item 1.05 of Form 8-K within four business days of determining materiality
Disclose information about their cyber risk management and strategy on a new section of the 10-K called Item 1C
Disclose information about their boards' and management's role in overseeing cybersecurity risk
The first two "buckets," Gorham said, will likely require the most work to comply with.