Page 43 - Cyber Defense eMagazine August 2024
SEC Cybersecurity Disclosure Rules – Are CISOs Ready to Go Beyond the Tip of the Iceberg?
By Brian Levin, Chief Customer Officer, Panaseer
It’s been more than six months since the SEC’s updated Cybersecurity Disclosure rules came into force.
These rules represent a sea change for CISOs, both in terms of the burden of additional cybersecurity
reporting, and the threat of legal action for providing reports that turn out to be inaccurate or misleading.
The CISO’s role is in the middle of a generational shift. While not solely responsible for organizations’
risk posture, CISOs need to work with disclosure teams and accurately portray risk posture and security
processes to the Enterprise Risk Management (ERM) team and the board. CISOs need to understand
and communicate their company’s cybersecurity practices clearly, with a data-driven approach that
enables factual filings. Understanding the SEC’s new rules, and what they mean for reporting, will be a
critical part of this.
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.