Lynx Can Help You with the SEC Final Rule on Cybersecurity Risk Management

This new rule, which was adopted on July 26, 2023, requires public companies to disclose material cybersecurity incidents within four business days of determining that the incident is material and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.

Lynx can help companies comply with the new ruling by providing a variety of services, including:

  • Risk assessments to identify and assess the risks posed by the new ruling
  • Gap analyses to compare current security and risk management practices to the requirements of the new ruling
  • Policy development and implementation to ensure that companies have the necessary policies and procedures in place to comply with the new ruling
  • Technology solutions to implement and manage security and risk management controls required by the new ruling
  • Training and awareness programs to educate employees on the requirements of the new ruling

“The new ruling is a significant change for many companies, we can help companies understand the requirements of the ruling, assess their risks, and implement the necessary controls to comply. While public companies are required to comply with the rule, other organizations should also consider implementing the rule’s requirements to protect their information assets and reduce the risk of cybersecurity incidents.”

Aric K. Perminter, Chairman and Founder at Lynx Technology Partners

Lynx has a proven track record of helping companies comply with complex regulations. The company’s team of experienced security and risk management professionals has a deep understanding of the new ruling and can help companies develop and implement a comprehensive compliance plan.

Additional Resources

Learn more about this ruling in our recent blog post, SEC Final Rule on Cybersecurity Risk Management: What You Need to Know.

SEC Final Rule PDF


SEC Fact Sheet PDF