Standards, Regulations & Compliance

Correlating Cyber Investments With Business Outcomes

CEO Ted Gutierrez on Impact of the New SEC Rules for Reporting Material Incidents
Correlating Cyber Investments With Business Outcomes
Ted Gutierrez, co-founder and CEO, SecurityGate

The new rules adopted by the Securities and Exchange Commission require organizations to report cyber incidents that have a material effect on the business within four days and to annually disclose material information about their cybersecurity risk management, strategy and governance. Ted Gutierrez, the CEO of SecurityGate, said the mandates give "more teeth to the idea that cybersecurity is a business problem" and "bring an element of cybersecurity to the boardroom."

Gutierrez discussed the need for CISOs to link cyber risk and business outcomes - something the new rules will help facilitate. He said the new SEC rules will also force security leaders to define what constitutes a real material impact to the business.

In this episode of's podcast series "cybersecurity Insights," Gutierrez also discussed:

    His belief that cybersecurity is overcomplicated and needs to be made less technical;

  • Why he thinks cybersecurity should be "less of an alert button and more of a marathon mentality for resource allocation";
  • The need to spend less money on solutions and more on training.

Gutierrez is committed to protecting what matters across operational sectors by fostering collaboration among industrial cyber teams on their cyber improvement journey. With his extensive background as a compliance and risk auditor for critical infrastructure, he understands the challenges in effectively maturing organizational resilience in a decentralized ecosystem. Gutierrez is a U.S. Army veteran and an expert in reconnaissance and surveillance.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.