6clicks helps organizations manage and report on material cybersecurity events
6clicks announced that it has added SEC Form 8-K content required for event tracking to its incident management module in its GRC platform to help organizations meet new SEC disclosure requirements for qualified cybersecurity events.
The new content support empowers organizations to gather relevant incident details and provide a centralized, single source of truth while enabling tracking through the required steps when a qualifying event occurs. Using these details, the platform makes it easy to package up and deliver information for necessary disclosures in quarterly, annual, or ad hoc SEC reporting.
The new SEC reporting requirements are now included for filings including Forms 8-K, 10-K, and 20-F. Companies must provide details of cybersecurity events and disclose an incident’s nature, scope, and timing, as well as its material impact or reasonably likely material impact on the company. The Form 10-K and Form 20-F disclosures will be due beginning with annual reports for fiscal years ending on or after December 15, 2023. A qualifying event may require the filing of a Form 8-K within four days.
“Meeting the new SEC cybersecurity reporting requirements will be both time-consuming and labor-intensive for companies lacking the centralized and efficient means of collecting security event details and tracking their progress,” said Anthony Stevens, CEO, 6clicks. “The new 6clicks supported SEC content, incident tracking, and reporting not only streamlines the process, but it also ensures greater accuracy and completeness, along with a full trail for auditability.”
Currently, many organizations manually manage incident response through emails, spreadsheets, and documents shared in general repositories, such as SharePoint or Google Drive. Using individual productivity tools for recording and tracking incident response is highly prone to human error and can increase the time it takes to respond. These manual management methods also make it much more difficult to create and maintain an audit trail of the response process and to conduct root cause analysis.
With the new SEC Cybersecurity Rule content, a 6clicks-provided playbook provides a guide for capturing the necessary details in a clear and consistent manner. Playbooks are fully customizable by each organization to accommodate specialized needs, procedures and requirements while ensuring compliance.
With 6clicks, organizations can standardize their approach to incident response for qualifying events and ensure they are tracking through the required SEC processes according to Form 8-K. At the same time, 6clicks produces a defensible audit trail showing that the organization took appropriate steps when responding to an incident/event. Creating a defensible position is critical when organizations are responding to events or incidents.
The new content and capability to support organizations under the SEC Cybersecurity Rule for incident management and response is now available in the 6clicks platform to help organizations manage and report on material cybersecurity events. Managed security service providers and global systems integrators can also use the capabilities to offer important new services to their clients.