Proposed SEC Cyber Security Rules

The jurisdiction would be in the US for firms subject to SEC jurisdiction. This would include all firms listed on US exchanges and firms interested in investing in these firms.

Understand why disclosure is necessary in order to comply with the latest rules. Understanding the consequences of failure to comply would be that the firm could not get an auditor to create a 10-K or 8-K. This may result in delisting from an exchange. In addition, failure to adequately disclose could result in lawsuits. To comply firms will have to disclose what the rule requires which will be discussed. Preparation may require the completion of a cyber security framework and risk assessment. The SEC mandated the change to unify the reporting of cyber security defenses in listed firms.

• Jurisdiction
• The prior law including guidance will be discussed.
• Relevant cases will also be discussed
• Description of the new rules
• Requirements for compliance will be outlined

To prepare a listed firm to meet the requirements of the new rules that came out in July. These rules describe the disclosure requirements for listed firms including disclosure on forms 10-K and 8-K. These disclosure requirements are mandatory.

• Individuals.
• tasked with compliance for the listed firm including compliance officers.
• CISOs.
• CTO.
• Securities auditors, securities counsel, and C suite tasked with overseeing cyber security and compliance.

William Gamble, Lawyer, Author, and Cyber Security consultant. Spoken around the world, Authored 4 books and a variety of articles. JD, LLM, A+, Network+, Security+, CASP+, LI LA ISO 27001, GDPR. Former member of many state and federal bars. One of the few Attorneys with advanced cyber security and network certifications, with over 20 years of experience in global regulatory environments working across disciplines to optimize collaboration to increase the effectiveness of logical, management, legal, and physical controls for protecting any corporate assets from cyber thieves, plaintiffs or government regulators both in the US and abroad. Persuasive, self-motivated, entrepreneurial leadership professional with extensive expertise in both law, regulation, technology, and finance to support companies; determining the most cost-effective way to protect customer property, privacy, and brand loyalty; leverage the legal and technological expertise to understand the risk and ensure that information infrastructure remains available, secure and compliant with regulatory mandates. The real in-depth legal analysis does not check the box with the ability to map new regulatory mandates to technical controls. A loyal, tactical team builder and risk manager seeking to utilize his cross-discipline background to enhance the effectiveness of information security in a progressive organization. Multilingual: Fluent in French with Russian, Spanish, and Italian ability.