Guide

What goes in your SEC Form 8-K

Insights and takeaways from over 500 actual 8-K reports

The SEC’s cybersecurity rule has sparked numerous debates and raised many questions within the industry. One of them is what specific details should go into 8-K forms to notify investors about the cybersecurity incident.

While companies are not yet required by the SEC to disclose material cybersecurity incidents, many are doing so voluntarily, and we believe that these insights can help other companies structure their 8-K as they prepare to comply with the SEC’s cybersecurity rule.

Read more in our guide about what’s being disclosed, how quickly, and more.

What is explained in this guide?

We’ll explain the information disclosed in Form 8-Ks, such as:

  • How incidents are described
  • How do companies define and quantify materiality
  • How do companies explain an incident’s impact
How did we create this guide?

We analyzed over 500 Form 8-Ks filed between January and October 2023. Our main objective was to understand what other U.S. public companies disclose in their 8-K filings and how they do it.
What goes in your 8-K

Here is the link to the document you requested.

Download Now