Focuses on building cybersecurity awareness among board members and corporate directors. Covers the board's oversight role in cyber risk, how directors can evaluate security posture, regulatory expectations for board-level engagement, and frameworks for effective cybersecurity reporting to the board.
posts
The SEC Just Made Ignorance Expensive In July 2023, the SEC finalized rules requiring public companies to disclose material cybersecurity incidents within four business days — and to describe their board's oversight of cyber risk annually. That single regulatory move turned board-level cybersecurity awareness from a nice-to-have into a
The SEC Changed Everything — Most Boards Still Haven't Caught Up In July 2023, the SEC adopted rules requiring public companies to disclose material cybersecurity incidents within four business days and to describe their board's oversight of cyber risk annually. Since then, I've reviewed dozens
