Guidance and Tools

Find actionable guidance featured below - part of a more extensive collection of Infosec content available to our clients in the IANS Insights Portal.

2023 SEC Cyber Disclosure Rules Guidance

  • New SEC Rules: What Even Non-Public Orgs Should Know
  • SEC Cyber Disclosure Checklist


This two-part piece explains the new SEC rules, details actionable takeaways for even non-publicly traded organizations, and provides a requirements checklist focusing on incident disclosure to enable organizations to assess gaps that need to be addressed quickly.

Complete the form, and we’ll email you a copy of the 2023 SEC Cyber Disclosure Rules Guidance.

Next Steps for CISOs

For CISOs, we recommend the following actions:

  • Revisit current incident disclosure policies & compare them with the new regulations
  • Discuss what “material” incidents mean to your org & practice disclosures
  • Educate executives on the changes & what they mean for the business
  • Review board oversight structure & responsibilities on cyber matters
  • Hold tabletops to educate the management team & the board to prepare for cyber incidents
  • Use analytics to better understand the financial implications of your organization’s cyber risk exposure
  • Retain third-party auditors to assess your program

 

Videos

SEC Cyber Disclosure Guidance- Sounil Yu

Sounil Yu, IANS Research

SEC Cyber Disclosure Guidance- Allison Miller

Allison Miller, IANS Research

IANS logo

About IANS

For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for making decisions and articulating risk. We provide experience-based security insights for chief information security officers and their teams. The core of our value comes from the IANS Faculty, a network of seasoned practitioners. We support client decisions and executive communications with Ask-an-Expert inquiries, our peer community, deployment-focused reports, tools and templates, and consulting.