When Cybersecurity Disclosure Rules Widen the Gap Between Reputation and Risk
In December 2023, a new rule from the U.S. Securities and Exchange Commission (SEC) went into effect requiring publicly traded companies to disclose “material” cybersecurity incidents. Many have been quick to point out that the rule’s required disclosure time is not only too quick for many companies, but it puts unnecessary pressure on CISOs.
Already, the role of a CISO is changing thanks to more complex environments, new technology, and a rapidly evolving threat landscape. Will the new SEC disclosure rule make their jobs more challenging than ever? And how will teams responsible for detecting and responding to cyber incidents keep up when so many organizations still struggle with outdated processes and ineffective approaches to monitoring for threats?
Watch the replay with Liran Sheinbox, CISO of Playtika, and Lenny Zeltser, CISO of Axonius, to learn:
- How to update your organization’s incident response plans to factor in the new SEC guidelines
- The importance of establishing internal communication policies between the security team, the C-Suite, and board of directors
- Why having a solid cybersecurity foundation is key to evaluating if and when cyber incidents become material
CISO of Axonius
CISO of Playtika