Work through a guided materiality questionnaire to decide whether a cybersecurity incident is “material” for a U.S. public company under the SEC rule, then get the 4-business-day Form 8-K Item 1.05 timeline, a draft disclosure outline of what Item 1.05 requires, and the annual Regulation S-K Item 106 governance disclosure checklist for your 10-K. Export to Word.
⚠️ Educational decision aid only — NOT legal, tax, financial, or insurance advice. This tool summarizes the public text of the SEC cybersecurity disclosure rules (17 CFR §229.106 / Item 106 of Regulation S-K and Item 1.05 of Form 8-K, adopted July 2023, effective for Item 1.05 filings on/after 18 Dec 2023). Materiality is a fact-specific legal judgment under TSC Industries v. Northway and Basic v. Levinson (a substantial likelihood a reasonable investor would consider it important / would view it as significantly altering the total mix of information). The materiality determination must be made “without unreasonable delay.” Always involve qualified securities counsel and your disclosure committee before filing. Do not rely on this output as a definitive conclusion.