SEC’s New Cybersecurity Rules Raise Bar for CISOs

by | Jul 31, 2023

The Securities and Exchange Commission (SEC) has raised the bar for transparency and accountability in cybersecurity with its newly adopted rules. As we transition to a world increasingly dependent on digital infrastructure, it’s becoming increasingly crucial for public companies to protect their shareholders and stakeholders from potential cyber threats. The SEC, recognizing this shift has taken a critical step forward with regulations demanding comprehensive disclosures about cybersecurity incidents, risk management strategies, and governance processes. 

The new rules also add Regulation S-K Item 106, which will require registrants to describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, as well as the material effects or reasonably likely 

The regulation puts forth a significant expectation for CISOs to be able to accurately define, recognize, and track risk. If there’s a failure to adhere to these defined processes and a material event occurs, companies can be held responsible. Moreover, in extreme cases, such lapses could potentially be viewed as ‘perjury’. Thereby making the CISO directly liable, a possibility highlighted by Joe Sullivan’s case. 

These regulatory adjustments will probably cause ripples in the cyber insurance sector prompting a reassessment of the ‘industry standards’. As companies have to meet more stringent disclosure requirements, we may see an increase in the ‘bare minimum requirements’. 

So, where does Veriti come into the picture in this new regulatory landscape? 

Veriti, with its innovation-driven approach, is ideally positioned to assist organizations in navigating this new regulatory landscape. Our consolidated platform provides continuous security posture monitoring. This service not only fortifies an organization’s cybersecurity posture but also aligns perfectly with the new demand for transparent, accountable, and repeatable risk management processes. 

By automating security control assessments, we offer a streamlined and efficient solution that extends beyond the limitations of traditional audits. This continuous monitoring approach offers real-time insight into an organization’s security posture. Such as identifying and remediating gaps, misconfigurations, and potential vulnerabilities across integrated solutions.  

Veriti’s consolidated platform is not just a security tool; it’s an enabler. It empowers organizations to proactively manage their cybersecurity risks and comply with the new regulatory requirements. All without disrupting crucial business operations. Our platform ensures this by integrating a unique capability: non-disruptive remediation. This approach enables organizations to swiftly and effectively address gaps and vulnerabilities. While also ensuring that the remediation actions taken do not compromise the smooth running of their operations.  

While these new SEC rules currently apply to publicly traded companies, we anticipate that they will soon become the industry standard across the board, given the universal relevance of robust cybersecurity practices. Regardless of the organization’s size or sector, Veriti stands ready to support CISOs and security teams in maintaining an uncompromised security posture, thereby protecting their organizations and stakeholders from potential liabilities. 

Get your security controls assessment now

Recommended Articles

Subscribe to our BLOG

Get the latest security insights, news and articles delivered to your inbox.


Product Overview

Maximize security posture while ensuring business uptime


AI-Powered Contextual Cybersearch

Automated Security Controls Assessment

Validate your security control


Connect Veriti with your security solutions

Use Cases

Agentless OS-Level Remediation

Proactively safeguard your systems directly at the OS-Level on the endpoint

Vulnerability Remediation

Safely remediate vulnerabilities in one click

Business Continuity

Reduce alert fatigue. Increase Security Effectiveness


Proactively neutralize misconfigurations to minimize exposure risks

Mobilizing Threat Remediation

Identify and mobilize threat remediation across the security stack automatically.


Safe Remediation

Ensure remediation actions do not give rise to additional exposures

VERITI FOR Enterprises

increase business outcomes


Efficiently manage multiple clients in a consolidated platform


Neutralize security gaps without impacting healthcare operations


Protect the heart of your production processes

State of Enterprise Security Controls

DOWNLOAD Report >>


See all resources


Veriti's security blog


The latest guides, white papers and infographics


Live event and on-demand webinars


Our Comprehensive Definitions Guide



Our Story

Learn about Veriti


Work with us


Our latest updates

Contact US

Get in touch


Become a partner


Reduce operational costs