New rules proposed by the United States Securities and Exchange Commission (SEC) on cyber-risk management, strategy, governance, and incident disclosure are coming. A plethora of data indicates that most boards are not ready to meet these new standards.
What are the new SEC rules on cybersecurity?
The SEC has proposed new rules that focus on cyber-risk management, strategy, governance, and incident disclosure. These rules will require public companies to disclose their directors' experience in cybersecurity and risk oversight, highlighting the need for boards to understand the material business and financial impacts of cyber threats.
How prepared are boards for the new cybersecurity regulations?
Currently, about 90% of boards are not prepared to meet the new SEC cyber regulations. Many boards lack the ability to contextualize cyber threats in terms of business, operational, and financial exposures, which can lead to erosion of shareholder value.
Why is cybersecurity a priority for boards and CEOs?
Cybersecurity has become a critical priority for boards and CEOs due to the increasing financial exposure from cyber threats, which Cybersecurity Ventures estimates could lead to damages reaching $8 trillion this year. Boards need to address cyber investments and risks to ensure business resilience and protect shareholder value.