New SEC cybersecurity disclosure rules and how to comply
The SEC has new cybersecurity disclosure rules for public companies, requiring timely reporting of material incidents and annual disclosure of cybersecurity risk management processes. This white paper explains how to comply. Key points include:
- Public companies must disclose material cybersecurity incidents within 4 business days, detailing the nature, scope, and impact.
- Companies must annually disclose their processes for identifying, assessing, and managing cybersecurity risks, including board and management oversight.
- Compliance requires robust capabilities to detect, investigate, and respond.
Learn how Tanium's XEM platform can help meet the new SEC requirements in this white paper.