SEC2413. Best Practices for Navigating SEC Cybersecurity Reporting Requirements

In response to the SEC’s recent cybersecurity disclosure requirements, this panel will provide insights into navigating and implementing best practices for cyber incident reporting. Join industry experts as they explore critical aspects of SEC compliance, including determining materiality, adhering to reporting timelines, and ensuring board oversight in cybersecurity risk management. Attendees will gain practical guidance on aligning their disclosure practices with regulatory expectations, integrating third-party risk considerations, and strengthening governance frameworks to meet SEC mandates. This session will offer actionable strategies to help organizations enhance transparency, maintain compliance, and mitigate potential legal and reputational risks associated with cybersecurity disclosures.


Learning Objectives:

  • Recognize the SEC’s cybersecurity incident disclosure requirements and how they impact reporting practices.
  • Identify actionable strategies for assessing and determining the materiality of cyber incidents.
  • Recall best practices for involving the board and management in cyber risk oversight to ensure compliance with SEC mandates.
  • Distinguish how to effectively align cybersecurity disclosure practices with overall risk management frameworks, including third-party risk considerations.
Date/Time
CPE Credits
1.0
NASBA Field of Study
Auditing
Level
Basic
Prerequisites
0-2 years in the profession
Advanced Preparation
None
Speakers
Image of Steven Ursillo

Steven Ursillo

Partner, Risk Accounting and Advisory, Information Assurance and Cybersecurity
Cherry Bekaert
Image of Raquel Fox

Raquel Fox

Partner
Skadden
Image of Sebastian Gomez

Sebastian Gomez

Associate Director, Disclosure Review Program
Securities & Exchange Commission
Image of John White

John White

Partner
Cravath, Swaine & Moore LLP