All Events and Webinars

A Guide for Public Companies on SEC Cybersecurity Webinar

Cross Industry
Data Security and Privacy
Leadership and Resilience
Incident Response and Recovery
Leadership and Resilience
March 22, 2024
SEC disclosure rules are forcing cybersecurity out of the IT department and into the boardroom. This session explains what the new requirements mean in practice, from faster incident reporting to proving control over sensitive data. Viewers will learn how to improve data visibility, align security with executive decision-making, and prepare for scrutiny from regulators and investors.

In-House Specialists

Raluca Saceanu

Chief Executive Officer

External Speakers

Brian Johnson

Director Information Technology Security

James McCarthy

Senior Vice President Sales, America

Mark Brosnan

Managing Director

Key Strategic Takeaways

Is Cybersecurity Now a Financial Disclosure Obligation?

SEC rules force public companies to treat cybersecurity as a material business risk, requiring formal disclosures on how risks are identified, managed, and governed. Incidents must be assessed quickly for material impact and communicated without exposing sensitive details. Security is no longer just about protection, it’s about being able to explain risk clearly and defensibly to regulators and investors.

Does Governance Require Full Executive Alignment?

Meeting SEC expectations demands coordination between security, legal, executive leadership, and the board. CISOs must provide evidence of program effectiveness, legal teams determine materiality and shape disclosures, and boards must demonstrate informed oversight. Cybersecurity becomes an ongoing executive process, not a siloed technical function.

Does Data Visibility Determine Disclosure Accuracy?

When incidents occur, leadership needs immediate answers: what data was affected, where it lived, and what the business impact is. Most organisations struggle because data is fragmented across cloud, SaaS, endpoints, and third-party environments. Without clear data mapping and ownership, disclosure becomes guesswork, increasing regulatory and reputational risk.

Does DSPM Enable Proactive, Evidence-Based Security?

Data Security Posture Management provides continuous visibility into sensitive data, allowing organisations to understand risk before incidents occur. It shifts security from reactive investigation to proactive control, preventing unsafe data exposure and enabling faster, more accurate responses. This creates a defensible “source of truth” that supports both operational security and regulatory reporting.

Is Preparedness and Communication What Define a Breach Outcome?

Organisations must be ready to communicate transparently and consistently under pressure, with pre-defined incident response plans that include legal, PR, and leadership. Delayed or inconsistent disclosures can damage trust more than the incident itself. Being “SEC-ready” means rehearsing scenarios, aligning messaging, and ensuring disclosures are backed by real evidence, not assumptions.

No items found.
  • 00:04 Welcome and overview of SEC cybersecurity disclosure rules
  • 00:25 Why these rules create pressure for public companies and incident timelines
  • 01:29 Panel introductions and focus on governance, data, and security posture
  • 03:13 Board responsibilities and need for cyber understanding at leadership level
  • 06:44 Challenges boards face with reporting, ambiguity, and data complexity
  • 09:18 Vendor responsibility to translate cyber into business outcomes
  • 13:23 Operational reality: incident response, compliance burden, and reporting timelines
  • 17:16 Shift from reactive security to posture management, especially for data
  • 21:20 DSPM explained as a proactive approach to managing data risk
  • 27:54 Importance of data inventory, ownership, and controls for disclosure accuracy
  • 31:18 Aligning board, legal, PR, and security for transparent incident communication
  • 45:26 Role of AI in accelerating data security posture and reducing implementation timelines
Watch More
Compliance and Risk

Supply Chain & Third-Party Risk | Managing Hidden Cybersecurity Threats

Smarttech247 experts discuss how businesses can improve visibility, reduce third-party cyber risk, and strengthen resilience against supply chain attacks.

The New Ransomware Economics | Edwin Bowers & CrowdStrike on Modern Cyber Extortion

Smarttech247 is joined by CrowdStrike to examine how ransomware groups are evolving and what organisations need to do to improve cyber resilience and incident response.

Building an Effective Security Strategy | Gavan Egan & Raluca Saceanu on Cyber Resilience

Smarttech247 discuss the key cybersecurity priorities organisations should focus on in 2026 while also previewing major themes from ZeroDayCon.

Ready to scale your security and compliance operations?

We protect your on-premise/cloud/OT environments - 24x7x365