The U.S. Securities and Exchange Commission adopted a cybersecurity disclosure rule that requires public companies to disclose cybersecurity incidents within four business days of determining the incident is material, unless they fall under a narrow exception.
But how do you determine if an incident is material and needs to be disclosed?
In a free guide from the disclosure management software company Workiva, you can read about:
- A brief overview of the SEC rule
- Six questions to help your company’s cross-functional team assess materiality
- The advanced planning that should help if you ever are the victim of a cyber incident
Be ready with a guide from the leader in SEC reporting software.
